<?xml version="1.0" encoding="utf-8" ?>
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/">
	<channel>
		<title>KuppingerCole</title>
		<link>https://www.kuppingercole.com</link>
		<description>KuppingerCole News</description>
				<item>
						<pubDate>Mon, 06 Jul 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Make or Buy? A Structured Framework for Smarter Tech Decisions]]></title>
			<link>https://www.kuppingercole.com/watch/build-or-buy</link>
			<guid>https://www.kuppingercole.com/watch/build-or-buy</guid>
			<description><![CDATA[ <p data-pm-slice="1 1 []">Build or buy, it sounds like a simple question, but for most organizations, it's one of the most consequential and poorly structured decisions they make. In this episode, Matthias sits down with analyst and advisor Phillip Messerschmidt, who turned his hands-on advisory experience into a structured framework for getting the make-or-buy decision right every time.</p>
<p><strong>Key Topics:</strong></p>
<p>✅ Why "we can build it cheaper" is almost always a biased and incomplete argument<br />✅ How the originating perspective (business unit, IT, security) shapes &mdash; and distorts &mdash; the decision<br />✅ The most common and costly mistakes organizations make when going the build route<br />✅ When buying is clearly the better path: expertise gaps, speed, scalability, and vendor roadmaps<br />✅ Why security and risk must be part of the decision from day one &mdash; not an afterthought<br />✅ A structured, holistic framework for making the right make-or-buy call</p>
<p><em>"This cheap solution can quickly turn into a security risk, an open attack, a breach &mdash; and much more cost than thinking about risk by design." Sound familiar? This episode is for you.</em></p>				<br/><br/><a href="https://www.kuppingercole.com/watch/build-or-buy"><img src="https://www.kuppingercole.com//videothumb/build-or-buy/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 03 Jul 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Beyond SOAR: How AI Agents Are Transforming Security Operations]]></title>
			<link>https://www.kuppingercole.com/watch/videocast-torq-soc-automation</link>
			<guid>https://www.kuppingercole.com/watch/videocast-torq-soc-automation</guid>
			<description><![CDATA[ <p data-pm-slice="1 1 []">Alert overload, 24/7 coverage gaps, and human threat actors who never stop &mdash; the SOC has problems that traditional SOAR and rule-based systems simply can't solve. In this sponsored videocast, KuppingerCole analyst Matthew Gardiner and Rick Bosworth, Head of Product Marketing at Torq, dig into the findings of KuppingerCole's Emerging AI SOC Leadership Compass and explore what it actually takes to build an AI-powered security operations center.</p>
<p><strong>Key Topics:</strong></p>
<p>✅ Why rule-based SOAR has hit a wall &mdash; and how AI agents address what it can't<br />✅ The autonomy dial: why full automation isn't the goal and how to build trust incrementally<br />✅ Integrations, RAG, and MCP: the new data infrastructure powering AI agents in the SOC<br />✅ DIY SOC vs. managed providers: how agentic AI is reshuffling the build-vs-buy decision<br />✅ Where to start: alert triage, phishing, and typosquatting as low-risk entry points<br />✅ Guardrails, transparency, and the non-deterministic challenge of AI-driven security</p>
<p><em>"AI agents hate people because they're slow" &mdash; but full autonomy isn't the answer either. Find out how leading SOC teams are finding the right balance between speed and control.</em></p>
<p><em>This videocast is sponsored by Torq &mdash; featured in <a href="https://www.kuppingercole.com/research/lc81057/the-emerging-ai-security-operations-center-soc">KuppingerCole's Emerging AI SOC Leadership Compass</a>. Read the report, then watch this session to hear the findings brought to life.</em></p>				<br/><br/><a href="https://www.kuppingercole.com/watch/videocast-torq-soc-automation"><img src="https://www.kuppingercole.com//videothumb/videocast-torq-soc-automation/400"></a>			]]></description>
		</item>
				<item>
			<dc:creator>Alejandro Leal</dc:creator>			<pubDate>Thu, 02 Jul 2026 10:22:32 +0200</pubDate>
			<title><![CDATA[Rising Star Excalibur]]></title>
			<link>https://www.kuppingercole.com/research/rs81447/rising-star-excalibur</link>
			<guid>https://www.kuppingercole.com/research/rs81447/rising-star-excalibur</guid>
			<description><![CDATA[ Excalibur (2016, Slovakia) delivers Streamed Access Management: unified PAM, passwordless mobile MFA, and remote access via a browser. Sessions run in an isolation layer and are streamed to users, with encrypted credential injection, monitoring, and auditable recordings. VITRO RBI-WAF splits the browser engine to decouple endpoints from app runtimes, while an intent engine enforces step-up controls and four-eyes governance.							]]></description>
		</item>
				<item>
						<pubDate>Thu, 02 Jul 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Navigating the Evolving IGA Landscape: Insights from the Leadership Compass]]></title>
			<link>https://www.kuppingercole.com/watch/evolving-iga-landscape</link>
			<guid>https://www.kuppingercole.com/watch/evolving-iga-landscape</guid>
			<description><![CDATA[ <p>Identity Governance and Administration (IGA) continues to play a critical role in securing enterprise environments, ensuring compliance, and enabling efficient access management. As organizations face increasing complexity driven by cloud adoption, hybrid infrastructures, and evolving regulatory demands, selecting the right IGA approach requires understanding your requirements and a defined roadmap. The 2026 Leadership Compass on IGA provides a comprehensive analysis of the market, highlighting key vendors, emerging capabilities, and strategic trends shaping the future of identity governance.</p>
<p><strong>Nitish Deshpande</strong>, Senior Analyst at KuppingerCole Analysts, will present key findings from the 2026 Leadership Compass on IGA, offering an independent perspective on the current market landscape. He will explore how IGA solutions are evolving to address modern challenges, discuss evaluation criteria and leadership positioning, and provide guidance on how organizations can align their identity governance strategies with business and security priorities.</p>
<p><strong>Nick Nikols</strong>, VP, IAM Products, OpenText Cybersecurity,&nbsp;brings a hands-on, practitioner perspective to Zero Trust, focusing on how modern identity and access management solutions can be implemented in real-world environments. Drawing on decades of experience across leading cybersecurity vendors and analyst firms, he will demonstrate how organizations can translate Zero Trust principles into actionable controls&mdash;improving access governance, securing cloud environments, and enabling consistent policy enforcement across platforms.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/evolving-iga-landscape"><img src="https://www.kuppingercole.com//videothumb/evolving-iga-landscape/400"></a>			]]></description>
		</item>
				<item>
			<dc:creator>John Tolbert</dc:creator>			<pubDate>Wed, 01 Jul 2026 12:31:30 +0200</pubDate>
			<title><![CDATA[B2B IAM]]></title>
			<link>https://www.kuppingercole.com/research/an81085/b2b-iam</link>
			<guid>https://www.kuppingercole.com/research/an81085/b2b-iam</guid>
			<description><![CDATA[ Business-to-Business Identity and Access Management (B2B IAM) has coalesced into a distinct discipline within the broader IAM market, separate from both workforce IAM and Customer IAM (CIAM). As enterprises operate increasingly complex digital ecosystems involving customers, supply-chain partners, integrators, contractors, resellers, freelancers, gig workers, and other external participants, the limitations of extending workforce IAM or repurposing CIAM platforms to cover B2B access at scale have become difficult to ignore. B2B IAM addresses the challenges that arise at organizational boundaries, where the host enterprise does not control the identity infrastructure of the external parties to which it must grant access.
This Advisory Note examines why B2B IAM requires its own architectural approach, the operational patterns and use cases that drive its capability requirements, and the steps organizations should take when selecting and deploying B2B IAM platforms. It covers delegated administration, federation and trust brokerage, Identity Verification (IDV) and Know Your Business (KYB) processes, fine-grained authorization, and continuous governance.							]]></description>
		</item>
				<item>
			<dc:creator>Warwick Ashford</dc:creator>			<pubDate>Wed, 01 Jul 2026 10:00:00 +0200</pubDate>
			<title><![CDATA[Cohesity and Veritas 18 Months On: Cyber Resilience Becomes the Measure of Progress]]></title>
			<link>https://www.kuppingercole.com/blog/ashford/cohesity-and-veritas-18-months-on</link>
			<guid>https://www.kuppingercole.com/blog/ashford/cohesity-and-veritas-18-months-on</guid>
			<description><![CDATA[ <p>Cyber resilience is the ability of an organization to anticipate, withstand, respond to, and recover from cyber disruption while continuing to deliver critical business services.</p>
<p>The real test is no longer whether an organization can prevent every attack. That is unrealistic. The real test is whether it can keep operating, restore trusted services, protect critical data, and preserve confidence when an attack succeeds.</p>
<p>That is why <a href="https://www.kuppingercole.com/blog/celik/the-anatomy-of-cyber-resilience">cyber resilience</a> is the outcome every modern business should seek. Digital business now depends on data, identity, applications, infrastructure, software supply chains, and third-party services. When these are disrupted, the impact is not limited to IT. It becomes operational, financial, regulatory, and reputational.</p>
<p>In the UK, the cyber incidents at retailer <a href="https://www.bbc.co.uk/news/articles/c93x16zkl9do">Marks &amp; Spencer</a> (M&amp;S) and motor manufacturer <a href="https://www.bbc.co.uk/news/articles/cy9pdld4y81o">Jaguar Land Rover</a> (JLR) in 2025 underline this point. In both cases, business operations were severely disrupted. &nbsp;M&amp;S had to pause online orders, while JLR had to manage a halt to manufacturing operations and the impact across a broader supply chain. These events show why <a href="https://www.kuppingercole.com/blog/small/cyber-resilience">resilience is a business requirement</a>.</p>
<p>Against that background, progress by Cohesity since its merger with Veritas should be judged on whether the combined company moved closer to being able to help organizations restore trust in business operations, not just restore data.</p>
<p>The answer appears to be yes, with the important qualification that execution at customer scale remains the real proof.</p>
<h2>From backup to operational cyber resilience</h2>
<p>A key message from Cohesity is the move away from backup as an infrastructure category toward cyber resilience as an operational capability.</p>
<p>Backup has traditionally been seen as a recovery mechanism. It answers the question whether data can be restored. Cyber resilience asks a broader question. Can the business restart safely, securely, and quickly enough to limit damage?</p>
<p>Cohesity is talking about its platform in terms of this broader idea. Its five-step cyber resilience framework covers data protection and identity resilience, cyber vaulting, threat protection, cyber recovery orchestration, and data and Artificial Intelligence (AI) security posture management. This approach brings protection, recovery, security, and risk posture into one operating model.</p>
<p>This is also where the Veritas merger becomes more meaningful because of the opportunity to combine Cohesity&rsquo;s modern data platform and AI-led approach with Veritas&rsquo;s enterprise-grade data protection heritage, workload coverage, and customer base. Eighteen months on, Cohesity Data Cloud is becoming the common platform for that combination.</p>
<p>The platform vision is built around four layers. The data platform provides the foundation. Data protection ensures data can be protected and recovered. Data security helps reduce risk and recover from attacks. Data insights aim to unlock value from unstructured data, including for Generative AI (GenAI) use cases.</p>
<p>In practical terms, that means bringing together Cohesity NetBackup and Cohesity DataProtect for broad workload protection, Helios for centralized management and operational visibility, FortKnox for isolated cyber vaulting, RecoveryAgent for cyber recovery orchestration, threat protection for detection and investigation, identity resilience for protecting one of the most critical recovery dependencies, Gaia for AI-enabled insight into enterprise data, and Data Security Posture Management (DSPM) for understanding and reducing data risk.</p>
<p>This approach is correct. Cyber resilience depends on knowing what data exists, where it sits, how critical it is, how it is protected, whether it is clean, and how it can be recovered in the right sequence.</p>
<h2>Platform integration matters</h2>
<p>Cohesity says the Veritas integration was completed in less than nine months and points to six major releases in the past year, including DSPM, identity capabilities, Gaia, RecoveryAgent, Helios for NetBackup, and Gaia on premises.</p>
<p>It is worth noting that Cohesity is not presenting the combined portfolio as two product families under one corporate owner but as a route toward one control plane, broad workload coverage, flexible deployment, and common cyber resilience outcomes.</p>
<p>The distinction between the control plane and the data plane is also important. Cohesity&rsquo;s claim that these can be independent and can be delivered as Software as a Service (SaaS) or on premises is relevant for regulated and complex organizations. Many large enterprises need centralized management, but they cannot always allow data to move freely into public cloud services. The ability to separate management from where data is processed and stored is therefore a practical resilience and sovereignty feature.</p>
<p>The simplification of consumption also matters. Cohesity is moving toward service tiers and specialized bundles. Complexity is the enemy of operational readiness. A solution that is too difficult to understand, deploy, license, or rehearse will not deliver resilience in a crisis.</p>
<h2>Restoring trust, not just data</h2>
<p>One of the strongest messages from Cohesity is that recovery is about restoring data, while cyber resilience is about restoring trust.</p>
<p>After a destructive cyberattack, organizations need more than a backup copy. They need confidence that the copy is clean. They need to know which systems to recover first, and which identities can be trusted. Not only that, but they need clean rooms, staging rooms, runbooks, communication paths, and tested recovery workflows.</p>
<p>Cohesity&rsquo;s cyber resilience services appear to recognize this. Its approach is built around education, preparation, and support. Workshops help customers understand destructive attacks. Assessments benchmark current resilience. Digital Jump Bag and Clean Room workshops help define practical response and recovery workflows.</p>
<p>Using the Minimum Viable Company (MVC) approach, Cohesity aims to help organizations to identify the smallest trusted set of services needed to keep the organization legally, operationally, and commercially alive. This is at the heart of cyber resilience.</p>
<h2>PwC partnership adds business resilience context</h2>
<p>The strategic collaboration between PwC UK and Cohesity is significant. Announced at the Cohesity Catalyst on Tour event in London by Karen Penman, Digital &amp; Cyber Resilience Partner at PwC UK, the partnership combines PwC&rsquo;s cyber, risk, and resilience capabilities with Cohesity&rsquo;s data security and recovery capabilities.</p>
<p>This is important because cyber resilience cannot be delivered by technology alone. Boards and executives need to answer business questions. Which services are most critical? How confident are we in recovery? What data and systems are essential?</p>
<p>Professional services firms can help translate technical resilience into business resilience. Technology providers can supply the platform, telemetry, protection, recovery, and automation. The strongest approaches will combine both.</p>
<p>The PwC partnership therefore fits the broader market direction. Resilience is becoming an operating model, not a product category. It requires governance, secure recovery technology and processes, crisis management, and regular testing and exercising.</p>
<h2>Sovereignty as part of resilience</h2>
<p>Cohesity is also addressing sovereignty in a pragmatic way. Its position is that data should remain under customer control wherever it needs to live. That includes on-premises, sovereign cloud, and hybrid deployment options.</p>
<p>The on-premises model is particularly relevant. Cohesity says customers can run the platform in their own datacenter so data never leaves infrastructure they control. In the strongest version of this model, processing and storage remain on premises, encryption keys remain with the customer, Cohesity has no access, and offline maintenance can be available where required.</p>
<p>This is not just a compliance point. It is a resilience point. Organizations in critical sectors may need recoverability under attack, but they may also need jurisdictional control, operational independence, supply chain transparency, and confidence that sensitive data is not exposed through a public cloud dependency.</p>
<p>Cohesity&rsquo;s sovereignty message is therefore aligned with <a href="https://www.kuppingercole.com/blog/small/will-the-eus-cloud-sovereignty-framework-mitigate-geopolitical-cloud-risks">European regulatory and geopolitical realities</a>. The key is that <a href="https://www.kuppingercole.com/blog/small/beyond-data-residency-cloud-sovereignty-in-context">sovereignty must not be reduced to data residency</a>. True sovereignty also includes control, transparency, recoverability, encryption, operational continuity, and exit options.</p>
<h2>AI, agents, and the next phase of resilience</h2>
<p>Cohesity&rsquo;s AI strategy is also evolving. The company is not positioning itself as the control tower for all enterprise AI or agentic activity. Instead, it is focusing on protecting agentic infrastructure and the data that agents manage.</p>
<p><a href="http://kuppingercole.com/blog/balaganski/agentic-ai-and-data-access-control">AI agents will increasingly act on enterprise data</a>, call services, trigger workflows, and influence operational decisions. They will also create new risks. Resilience therefore requires trusted data, protected workflows, governed access, and the ability to recover the systems and data that agents depend on.</p>
<p>Cohesity&rsquo;s approach is to partner with AI and agent platforms rather than force customers into a separate AI experience. Cohesity Maestro extends this direction by making Cohesity Data Cloud capabilities accessible through the Model Context Protocol (MCP). The idea is to let external AI tools and agents query telemetry, trigger recovery actions, access protected data insights, and orchestrate workflows under existing controls.</p>
<p>This headless approach is pragmatic. Enterprises are already standardizing on AI platforms. Security and infrastructure tools need to work where users and agents already operate. However, agentic resilience must be governed carefully. Role-based access control, authentication, auditability, policy enforcement, and human oversight remain essential.</p>
<h2>Conclusion</h2>
<p>The Cohesity and Veritas merger was always going to be judged on execution. Eighteen months on, there are credible signs of progress.</p>
<p>The combined company has moved beyond the language of portfolio consolidation and is now presenting a clearer platform strategy around Cohesity Data Cloud. The integration of NetBackup, DataProtect, Helios, FortKnox, RecoveryAgent, Gaia, identity resilience, threat protection, and DSPM gives the company a broader foundation for cyber resilience.</p>
<p>The strategic direction is also well aligned with market demand. Organizations need to protect data across hybrid and multi-cloud environments. They need to recover from destructive attacks. They have to know what data is sensitive, which services are critical, and what recovery sequence will keep the business alive. They need sovereignty options. They need AI support, but they need it with governance and control. They need preparation and rehearsal, not just recovery after the event.</p>
<p>The incidents at M&amp;S and JLR show why cyber resilience is now a board-level concern. Cyberattacks now stop orders, affect factories, disrupt supply chains, and test public confidence. The question is not whether organizations have backups but whether they can restore trusted business operations fast enough to limit harm.</p>
<p>Cohesity is working to address that question. Its progress is visible in platform integration, service simplification, <a href="https://www.kuppingercole.com/watch/redefining-mdr">recovery orchestration</a>, sovereignty support, AI-enabled data insight, partner alignment, and customer examples of resilience at scale.</p>
<p>The remaining challenge is evidence at scale. Cohesity must continue to show customer success in terms business leaders understand. The proof will be whether customers can prepare better, recover faster, restore trust more confidently, and keep critical services running when cyber disruption becomes real. That is the true measure of cyber resilience.</p>
<p>Cohesity is not the only vendor in this market; you can find a detailed evaluation of this and other vendors in our <a href="https://www.kuppingercole.com/research/lc80868/cloud-backup-for-ai-enabled-cyber-resilience" target="_blank">Leadership Compass Cloud Backup for AI-Enabled Cyber Resilience</a>.&nbsp;</p>
<p>To explore best practices in securing and governing human and non-human identities at scale, join us at <a href="https://www.kuppingercole.com/events/nhiid2026">AIdentity &amp; Non-Human Identity Impact Day 2026</a> in Munich, Germany, on October 6.</p>							]]></description>
		</item>
				<item>
						<pubDate>Wed, 01 Jul 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Stopping Lateral Movement with Air Gapped Directory Access]]></title>
			<link>https://www.kuppingercole.com/watch/directory-access-mediation</link>
			<guid>https://www.kuppingercole.com/watch/directory-access-mediation</guid>
			<description><![CDATA[ <p>Modern enterprises run on directory services like Active Directory, but that same centralization creates a dangerous single point of failure. Direct, always-on access to the directory turns compromised credentials into a launchpad for lateral movement. Restricting and mediating that access is critical to limiting blast radius and preventing attackers from moving freely across environments.</p>
<p><strong>Nitish Deshpande</strong>, Senior Analyst at KuppingerCole Analysts, provides an independent perspective on evolving identity security challenges. He discusses why native directory tools are no longer sufficient to protect against modern attack techniques, explores how unrestricted administrative access amplifies risk, and outlines strategic approaches to minimizing lateral movement. He also explains how modern identity architectures and access mediation align with Zero Trust principles.</p>
<p><strong>Robert Kraczek</strong>, Global Strategist at One Identity, dives into practical implementations of air‑gapped directory access using an architectural approach that restricts direct interaction with the directory itself. He shows how solutions such as Active Roles enable fine‑grained delegation to tightly control administrative access, apply automation to enforce joiner/mover/leaver workflows consistently, and ensure identity changes are executed immediately and securely. Through real‑world use cases, he demonstrates how organizations can reduce lateral movement risk while maintaining operational efficiency.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/directory-access-mediation"><img src="https://www.kuppingercole.com//videothumb/directory-access-mediation/400"></a>			]]></description>
		</item>
				<item>
			<dc:creator>Alexei Balaganski</dc:creator>			<pubDate>Tue, 30 Jun 2026 12:00:00 +0200</pubDate>
			<title><![CDATA[Security at Machine Speed: Oracle Removes the Price Barrier to Database Defense]]></title>
			<link>https://www.kuppingercole.com/blog/balaganski/security-at-machine-speed</link>
			<guid>https://www.kuppingercole.com/blog/balaganski/security-at-machine-speed</guid>
			<description><![CDATA[ <p>For decades, the gap between a security patch being released and that patch being applied was a window of risk that most organizations quietly learned to tolerate. Testing took time, maintenance windows were scarce, and the odds of an attacker weaponizing a specific fix before the next operational cycle often felt manageable enough to defer action. Those days are over.</p>
<p>Attackers have always studied patches to locate the flaw that a patch repairs. What has changed is the economics of that work. Identifying what changed and turning that into a working exploit used to require rare skill, specialized tooling, and patience. The latest generation of frontier AI models, exemplified by Mythos, eliminates much of that effort, making techniques that once belonged primarily to well-funded, highly skilled groups available to a much broader population of attackers.</p>
<p>This is what destabilizes the long-standing equilibrium between attackers and defenders. The patch is no longer just a remedy. It can quickly become a blueprint for the exploit, and the time window defenders once counted on is shrinking fast.</p>
<p>This does not shift the defender&rsquo;s problem from prevention to speed alone but makes speed a condition of prevention. Organizations have less time to assess exposure, validate changes, deploy fixes, and recover when something does slip through. And because AI agents and AI-generated applications increasingly reach directly into enterprise data, the <a href="https://www.kuppingercole.com/blog/balaganski/agentic-ai-and-data-access-control">database becomes one of the control points</a> that matter most.</p>
<p><a href="https://blogs.oracle.com/database/securing-your-business-data-amidst-emerging-ai-threats">Oracle&rsquo;s response</a> to this challenge, framed around <i>the principles of Secure at Source</i>, <i>Secure at Speed</i>, and <i>Secure through Resilience</i>, places controls, patching, and recovery directly in the data layer rather than relying only on the systems around it.</p>
<h2>Security should not be a budget line that attackers exploit</h2>
<p>The centerpiece of Oracle&rsquo;s announcement is economic. Several of its widely deployed security, patching, testing, and lifecycle management tools are now available at no cost for a limited period, or at a steep discount on one-year term licenses, across cloud, multicloud, hybrid, and on-premises environments.</p>
<p>Anything that gives organizations more security per dollar is useful. In the AI era, it is close to essential. When security carries a separate price tag, many organizations resort to rationing it. They scan less often, cover fewer systems, and defer upgrades that the budget cannot absorb this quarter. We have seen this dynamic before in other parts of the security market, especially with tools priced by data volume, where customers end up dropping important signals simply to stay under quota. Pricing that forces defenders to limit their own protection is an antipattern in any situation. Against attackers operating at the speed and scale of AI, it becomes a liability.</p>
<p>Vendors that make baseline security easier to consume, and that create customer value through infrastructure, services, automation, and guidance rather than through friction around essential controls, are getting the economics of security right. Removing the procurement conversation from the critical path of patching is the right call. A database owner who can deploy protection today, without waiting on a purchase cycle, is well-placed to prevent the next security incident.</p>
<h2>Access is necessary, but it is not sufficient</h2>
<p>Removing the price barrier solves one problem. It does not solve the one that has defeated security programs for decades: <strong>tools are worthless if no one turns them on</strong>.</p>
<p>The history of cloud and database security is littered with incidents that had little to do with missing controls and much to do with controls that were unused, poorly understood, or misconfigured. <a href="https://www.kuppingercole.com/blog/balaganski/the-next-best-thing-after-secure-by-design">The best security capabilities do nothing if no one enables them</a>, and they help no one if no one knows they exist. Free licenses lower the cost of entry. They do not automatically supply the operational knowledge, deployment patterns, or institutional discipline that turn a capability into a control.</p>
<p>This is where Oracle&rsquo;s longer track record matters, and where it should now press harder. Capabilities such as Oracle Deep Data Security, Oracle SQL Firewall, and Oracle Database Vault enforce policy inside the database, where applications, users, or AI agents have fewer opportunities to quietly route around it. Controls applied close to the data, and enabled by default where appropriate, are not only good governance. They are a lifeline for the many organizations that lack the in-house expertise to make every security decision correctly. Secure by default protects the majority who will never read the documentation, and that is precisely the point.</p>
<p>Making the tools free is the easier part. The harder and more valuable work is driving adoption: education, deployment guidance, reference practices, and the steady drumbeat of reminders that move a customer from owning a license to running a process. Oracle should treat that as the real deliverable.</p>
<h2>A welcome offer, with a question about its shelf life</h2>
<p>The offer is structured as a promotion. The no-cost tier runs for a defined window, the discounted licenses for a slightly longer one, and both assume the customer already carries current support. On a careful reading, several of the tools are available at no cost for patching and upgrading specifically, not as a permanent change to how they are licensed.</p>
<p>As a way to remove friction at a moment of acute risk, this approach is reasonable. It creates urgency and gets customers moving now, which is exactly what the threat timeline demands.</p>
<p>If protection that organizations come to depend on reverts to a paid feature once the window closes, the budget-rationing this announcement was meant to disrupt will quietly return. Security that lapses back behind a paywall trains customers to treat it as optional again. Oracle should make the security-critical pieces permanently accessible, as a statement that keeping databases patched against AI-speed exploits is not a premium feature. Keep the cost of doing the right thing low, and security stops being the corner that gets cut first.</p>
<h2>The autonomous endgame, and why it will take time</h2>
<p>There is a cleaner solution embedded in Oracle&rsquo;s own recommendations, and the company names it explicitly. Moving workloads to Oracle Autonomous AI Database shifts patching, encryption, and much of the security burden from the customer to Oracle itself. Updates apply without the customer negotiating each maintenance window, and security is enabled by default with fewer switches to forget. For the patch-application gap, that is the most complete answer on the table.</p>
<p>In an ideal world, every eligible workload would already be there.</p>
<p>In practice, migration is measured in years, not quarters. It depends on application compatibility, organizational appetite, regulatory constraints, and customer effort at least as much as on anything Oracle does. Most enterprise database estates will run a mix of versions and deployment models for a long time. The free and discounted tools are the bridge for that reality: a way to raise the security floor across the existing fleet while the longer migration plays out.</p>
<h2>Recommendations</h2>
<p>For existing Oracle customers:</p>
<ul>
<li>Inventory your databases before anything else. You cannot patch, or prove you have patched, what you have not cataloged. Use Oracle Database Lifecycle Management Pack and Oracle Exadata Management Pack to discover versions, dependencies, and exposure across your entire infrastructure.</li>
<li>Claim the tools while the offer is available and use the patching packs together with Oracle Real Application Testing and Oracle GoldenGate to remove the usual excuses for delay.</li>
<li>Treat patching as a repeatable, governed process rather than a periodic project. Standardize the workflow, automate it across environments, and report compliance to security and executive stakeholders so it survives shifting priorities.</li>
<li>Do not let the promotional window become your planning horizon. Decide now which capabilities you will keep operating after the offer ends, and budget for them as well.</li>
<li>For qualifying workloads, evaluate migration to Oracle Autonomous AI Database as the long-term solution that removes much of this burden entirely.</li>
</ul>
<p>For organizations still evaluating Oracle:</p>
<ul>
<li>Read the announcement as a signal about total cost of ownership, not as a discount coupon. A platform that enforces security inside the data layer and bundles lifecycle, testing, and recovery tooling can lower the hidden operational costs that rarely surface in product comparisons.</li>
<li>Weigh the secure-by-default posture against the alternatives. For teams without deep database security expertise, controls that are harder to misconfigure are worth more than a longer feature list.</li>
</ul>
<h2>The bigger picture</h2>
<p>AI is turning economics itself into a security control. When attackers automate their exploits, the speed at which a defender can act is limited by cost, testing, and downtime between knowing and acting.</p>
<p>Oracle&rsquo;s announcement attacks the cost portion of that friction directly, putting proven, widely deployed tools in customers&rsquo; hands now. Its lasting value still depends on whether the company invests as much in driving adoption of these tools, and whether it keeps them permanently in place rather than as a temporary promotion.</p>
<p>But the threat does not wait. Organizations should act now, use what the offer makes available, and get used to patching and upgrading more often in the AI era.</p>							]]></description>
		</item>
				<item>
			<dc:creator>Alejandro Leal</dc:creator>			<pubDate>Mon, 29 Jun 2026 09:39:19 +0200</pubDate>
			<title><![CDATA[Agent Visibility and Observability Platforms (AVOP)]]></title>
			<link>https://www.kuppingercole.com/research/lb82024/agent-visibility-and-observability-platforms-avop</link>
			<guid>https://www.kuppingercole.com/research/lb82024/agent-visibility-and-observability-platforms-avop</guid>
			<description><![CDATA[ Generative AI (GenAI) has moved beyond conversational assistants into autonomous agents that plan, act, invoke tools, and reach enterprise systems with little human oversight. This shift breaks the human-centered assumptions behind existing identity, security, and governance models, leaving many organizations unable to see or fully account for what their agents do. The central question is no longer who may access a resource, but what an agent is permitted to do and how its decisions can be traced, justified, and controlled. This Leadership Brief introduces Agent Visibility and Observability Platforms (AVOP) as the emerging response, assesses the current state of the market, and offers practical recommendations for organizations preparing for a future in which AI agents are routine in enterprise operations.							]]></description>
		</item>
				<item>
						<pubDate>Mon, 29 Jun 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[IGA in 2026: NHIs, Sovereignty & the Platform Shift]]></title>
			<link>https://www.kuppingercole.com/watch/iga-in-2026</link>
			<guid>https://www.kuppingercole.com/watch/iga-in-2026</guid>
			<description><![CDATA[ <p data-pm-slice="1 1 []">IGA is often dismissed as a mature, stable market but that couldn't be further from the truth. In this episode, Matthias sits down with Nitish Deshpande, to explore how identity governance and administration is being reshaped by NHIs, AI-driven intelligence, deployment sovereignty, and a wave of challenger vendors.</p>
<p><strong>Key Topics:</strong></p>
<p>✅ How IGA has evolved from static, siloed tools to integrated, multi-identity platforms<br />✅ Non-human identities: IGA vendors are now covering NHI governance &mdash; and customers are demanding it<br />✅ Where IGA still falls short: role mining, anomaly detection, policy simulation, and workflow automation<br />✅ The deployment model debate: SaaS vs. on-premise vs. hybrid &mdash; and the feature parity problem<br />✅ EU sovereignty as a competitive differentiator for European IGA vendors<br />✅ What's coming next: real-time governance, access intelligence, and a new IGA report category</p>
<p><em>44 vendors evaluated, a surge of newcomers, and a market quietly reinventing itself &mdash; the KuppingerCole IGA Leadership Compass is out now and covers everything discussed in this episode.</em></p>				<br/><br/><a href="https://www.kuppingercole.com/watch/iga-in-2026"><img src="https://www.kuppingercole.com//videothumb/iga-in-2026/400"></a>			]]></description>
		</item>
				<item>
			<dc:creator>Alexei Balaganski</dc:creator>			<pubDate>Fri, 26 Jun 2026 16:15:00 +0200</pubDate>
			<title><![CDATA[The SPM Treadmill: Stop Looking at Labels]]></title>
			<link>https://www.kuppingercole.com/blog/balaganski/the-spm-treadmill</link>
			<guid>https://www.kuppingercole.com/blog/balaganski/the-spm-treadmill</guid>
			<description><![CDATA[ <p>First, we had CSPM (Cloud Security Posture Management). Then DSPM (Data Security Posture Management). Somewhere in there, SSPM (Software-as-a-Service Security Posture Management). Now the label printer has reached the letters &ldquo;AI,&rdquo; and AI-SPM (can you guess what it stands for?) is being stapled onto everything from cloud scanners to data governance suites to LLM firewalls. All of them are popular buzzwords of their moment, with the shared suffix doing all the heavy lifting.</p>
<p>At KuppingerCole Analysts, our motto for more than two decades has been simple: stop looking at labels, look for substance and for the ability to address real challenges. <i>Security Posture Management</i> is a useful test of that principle, because the SPM family has become one of the clearest examples of a label outliving its meaning. A buzzword loses its definition the moment enough vendors decide they sell it, and SPM passed that point some time ago.</p>
<h2>One capability, four names</h2>
<p>Strip away the prefix and every SPM product follows roughly the same pattern. It connects to an environment, assesses configuration and state against a set of policies, and produces a list of things that are wrong. Continuous assessment of posture against policy is a genuine and valuable capability. It is however not a new market every time someone points it at a different asset class.</p>
<p>That is the part the suffix conveniently hides. CSPM, DSPM, SSPM, and AI-SPM are not four fundamentally different ideas. They are one capability aimed at different targets.</p>
<p>The targets matter, of course. Cloud infrastructure, SaaS applications, sensitive data, and AI systems all have different architectures, risks, owners, and remediation paths. But that is exactly the point. The value is not in the shared suffix. The value is in how well the product understands the asset class, the risk model, and the operational workflow behind it.</p>
<h2>CSPM: not dead, just absorbed</h2>
<p>The capabilities behind CSPM remain useful. They also stopped being a standalone product. Misconfiguration detection, compliance mapping, and cloud risk assessment were quickly <a href="https://www.kuppingercole.com/research/lc80892/cloud-native-application-protection-platforms-cnapp">folded into broader cloud-native application protection platforms</a> (CNAPP), where they belong, sitting next to workload protection, entitlement management, runtime controls, and remediation workflows. No one needs a separate posture tool whose main deliverable is glorified vulnerability scanning with cloud credentials and a talent for generating five thousand tickets.</p>
<p>A finding you cannot act on is not a security outcome. It is homework. That does not make CSPM useless. It makes CSPM a capability inside something larger. This is a perfectly respectable fate for a security category. It is also one that tends to annoy vendors who built a marketing strategy around the assumption that the suffix would remain billable forever.</p>
<h2>DSPM: the same journey, with a detour</h2>
<p>DSPM followed a similar path, except it took a more scenic route through inflated expectations. Its core scope is real and foundational: discover sensitive data, classify it, identify exposure, and surface the misconfigurations and access risks around it. <a href="https://www.kuppingercole.com/research/lc80842/data-security-platforms">Treated as the first layer of a data security program</a>, that work is essential. For a while, though, DSPM was sold as the answer to data security, full stop.</p>
<p>A DSPM tool that only assesses posture cannot deliver the outcome customers were promised, because finding exposure is not the same as fixing it. Posture visibility tells you the house is on fire. It does not hold a hose. And the moment a vendor adds real remediation, protection, workflow integration, and enforcement, the tool has moved beyond posture management. It has become part of a data security platform.</p>
<p>Keeping the DSPM label on it at that point does not describe the product. It keeps the trendier acronym alive a little longer. DSPM is necessary but not sufficient. And when it finally becomes sufficient, it is no longer just DSPM.</p>
<h2>SSPM: real, but already outgrowing its name</h2>
<p>SSPM points the same machinery at SaaS applications. It connects to Microsoft 365, Salesforce, GitHub, and the dozens of other tenants a modern company runs, then checks them for misconfiguration, over-privileged accounts, dormant admin rights, and risky third-party access. This is genuinely useful work. SaaS sprawl is real, almost nobody configures these applications securely by default, and the blast radius of a single over-scoped integration token is larger than most people realize.</p>
<p>But notice what actually creates the value, and it is not the suffix. It is coverage and depth: how many applications the tool understands, and how well it understands each one. A product that inspects five SaaS apps shallowly is not a category. And the capability follows the same gravitational pull as CSPM, being absorbed into identity security, SaaS management, and SSE platforms, where posture findings sit next to the access and configuration controls that can actually fix them.</p>
<h2>AI-SPM: a label in search of a market</h2>
<p>AI-SPM is the newest entry in the family, and the cleanest illustration of the problem, because the term is still fresh enough that almost everyone can claim it and almost no one has to define it. Naturally, this has not slowed anyone down.</p>
<p>The label is currently being applied to several different architectures: cloud platforms extended to inventory AI services, data security tools extended to cover training and inference data, purpose-built AI asset discovery and governance platforms, and AI runtime protection products with a posture dashboard bolted on. These are different products, aimed at different problems, often sold to different buyers. They share a hashtag, not a category.</p>
<p>Category boundaries matter because they shape budgets, shortlists, evaluation criteria, and expectations. If AI-SPM means &ldquo;cloud posture management, but now we also detect Bedrock,&rdquo; that is one thing. If it means governing AI models, datasets, prompts, agents, tools, permissions, runtime behavior, and regulatory obligations, that is something very different. Pretending both are the same market helps no one except the people printing booth banners.</p>
<p>None of this means the underlying problems are imaginary. Shadow AI is real. Agent permissions are real. AI data leakage is real. The EU AI Act, with penalties reaching &euro;35 million or 7% of global annual turnover, whichever is higher, is extremely real.</p>
<p>The question is not whether AI introduces new security and governance challenges. It is whether putting &ldquo;SPM&rdquo; into product names does anything to address them. Spoiler alert: it does not.</p>
<h2>What to do when the next prefix arrives</h2>
<p>So how should buyers respond the next time a new letter or two shows up in front of SPM?</p>
<p>First, ignore the suffix and write down the capabilities you really need: discovery, classification, posture assessment, policy evaluation, prioritization, enforcement, remediation, and reporting. Map products to that list, not to the acronym on the data sheet.</p>
<p>Second, ask what the tool fixes, not only what it finds. A posture product that cannot remediate, or at least trigger remediation through something that can, is just another input for real security tools. It is not a control.</p>
<p>Third, check whether the capability already exists in a platform you own. CSPM is the cautionary tale here. Plenty of organizations bought it once as a point tool and again inside CNAPP, which is a very expensive way of discovering that suffixes can be recycled.</p>
<p>Fourth, for AI, define the scope before shopping for the label. The defensible boundary is the governance and security layer specific to AI systems as a distinct class of asset, drawn deliberately to avoid overlap with the cloud, data, network, application, and identity controls you already have.</p>
<p>A useful label gives buyers a shortcut to a real set of capabilities, problems, and outcomes. But once everyone claims the label, it stops being a shortcut and becomes noise. Look for capabilities, workflows, outcomes. The acronym will have changed by next quarter anyway.</p>							]]></description>
		</item>
				<item>
						<pubDate>Fri, 26 Jun 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Identity Collapse in the Age of Autonomous Agents]]></title>
			<link>https://www.kuppingercole.com/watch/autonomous-agents</link>
			<guid>https://www.kuppingercole.com/watch/autonomous-agents</guid>
			<description><![CDATA[ <p>IAM systems are reaching their limits as autonomous agents execute transactions, chain decisions, and move across enterprise and partner boundaries at machine speed without clear attribution or governance. This creates structural failure, not incremental risk. Addressing it requires re-architecting IAM around agent identity, enabling ephemeral trust, verifiable delegation, and machine-native auditability across APIs, federation, and distributed environments.</p>
<p><strong>John Tolbert</strong>,&nbsp;Director of Research and Principal Analyst&nbsp;at&nbsp;KuppingerCole&nbsp;Analysts will draw on his recent Leadership Compass reports on CIAM and B2B IAM to explore how AI agent interactions are reshaping both domains, highlight unresolved architectural gaps in current IAM platforms, and examine why existing delegation, audit, and licensing models fail under agent-driven workloads.</p>
<p><strong>Ayesha Dissanayaka</strong>, Associate Director and Lead Architect for Agent Identity at WSO 2 will focus on the practical side of this transformation, addressing how to secure agentic workflows, implement identity for autonomous systems, and build scalable, governance-driven architectures that enable trusted machine-to-machine interactions across complex enterprise environments.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/autonomous-agents"><img src="https://www.kuppingercole.com//videothumb/autonomous-agents/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 25 Jun 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Redefining MDR: From Alert Handling to Outcome‑Focused Security Operations]]></title>
			<link>https://www.kuppingercole.com/watch/redefining-mdr</link>
			<guid>https://www.kuppingercole.com/watch/redefining-mdr</guid>
			<description><![CDATA[ <p>Cyber threats continue to target organizations across endpoints, networks, cloud environments, identity systems, and connected devices, while many security teams still struggle with skills shortages, operational complexity, and the challenge of maintaining effective 24x7 monitoring and response. In this environment, Managed Detection and Response (MDR) has evolved beyond managed alert handling into a broader security operations function that combines validated detections, contextual investigations, coordinated response, identity-aware analytics, and ongoing posture improvement.</p>
<p>Don&rsquo;t miss the opportunity to join Senior Analyst <strong>Warwick Ashford</strong> for an informative webinar in which he will provide an overview of the KuppingerCole Leadership Compass on MDR 2026. He will explore how the MDR market is changing, the key findings of the report, the capabilities that now define leadership, and the criteria used to evaluate vendors. He will also discuss market drivers, delivery models, outcome-focused service expectations, and the increasing importance of identity protection, automation, integration, and exposure management in modern MDR.</p>
<p><strong>&nbsp;</strong></p>				<br/><br/><a href="https://www.kuppingercole.com/watch/redefining-mdr"><img src="https://www.kuppingercole.com//videothumb/redefining-mdr/400"></a>			]]></description>
		</item>
				<item>
			<dc:creator>Mike Small</dc:creator>			<pubDate>Tue, 23 Jun 2026 11:00:00 +0200</pubDate>
			<title><![CDATA[SecOps - The Next Frontier in Digital Sovereignty]]></title>
			<link>https://www.kuppingercole.com/blog/small/secops-the-next-frontier-in-digital-sovereignty</link>
			<guid>https://www.kuppingercole.com/blog/small/secops-the-next-frontier-in-digital-sovereignty</guid>
			<description><![CDATA[ <p>Discussions around digital sovereignty have largely focused on cloud infrastructure. However, since many cyber security tools are now delivered as cloud services, an equally important question is what are the potential risks of relying on a non-sovereign security operations platform?</p>
<p>As organizations adopt AI-driven Security Operations (SecOps), Extended Detection and Response (XDR), Security Information and Event Management (SIEM), and Cloud-Native Application Protection Platforms (CNAPP), they are becoming dependent on security control planes that aggregate telemetry, automate response actions, and increasingly make autonomous security decisions. These platforms are the operational nerve center for cybersecurity.</p>
<p>The question is most acute in Europe, where customers face a complex regulatory environment and where the leading SecOps platforms are supplied by vendors headquartered outside the EU.</p>
<p>This raises a new challenge: SecOps Sovereignty.</p>
<h2>From Cloud Sovereignty to SecOps Sovereignty</h2>
<p>In previous blogs on cloud sovereignty, I identified <a href="https://www.kuppingercole.com/blog/small/sovereign-cloud-geopolitical-risks">four categories of sovereignty risk: data, technology, operational, and infrastructure. </a>For SecOps the same lens applies, but data concerns are best framed as a legal-jurisdiction question and technology dependencies as a supply-chain question, giving four somewhat different categories:</p>
<p><img src="/pics/SecOps-Sovereignty-Risks.png" alt="" /></p>
<p>In some respects, the risks are amplified because security platforms hold privileged visibility and control across the entire enterprise.</p>
<p>Unlike regular cloud workloads, SecOps platforms collect and analyze:</p>
<ul>
<li>Security events</li>
<li>Network telemetry</li>
<li>Identity data</li>
<li>Vulnerability information</li>
<li>Incident records</li>
<li>Threat intelligence</li>
</ul>
<p>In many cases, they can also take direct actions such as isolating endpoints, blocking users, modifying firewall rules, or shutting down workloads.</p>
<p>The sovereignty risks related to these systems can therefore not only affect data confidentiality but also threaten operational resilience.</p>
<h2>Legal Risk</h2>
<p><i>Risk: Unauthorized but legal access to SecOps related data.</i></p>
<p>Most leading SecOps platforms are operated by US-headquartered vendors, placing European customers' security telemetry within the reach of US legal process. This creates familiar concerns regarding extraterritorial legislation and foreign government access requests. Security telemetry often contains sensitive information about organizational structures, network architectures, privileged users, and critical assets.</p>
<p>For regulated sectors such as healthcare, financial services, <a href="https://www.kuppingercole.com/research/an81078/digital-sovereignty-and-the-emerging-european-defense-sector">defense</a>, and critical infrastructure, exposure of this data may present a greater risk than exposure of ordinary business data.</p>
<p>The issue <a href="https://www.kuppingercole.com/blog/small/beyond-data-residency-cloud-sovereignty-in-context">extends beyond data residency</a>. Even if security data remains physically within Europe, questions remain regarding who can access it, under what legal authority, and whether foreign governments can compel disclosure through legislation that applies to the vendor.</p>
<h2>Operational Risk</h2>
<p><i>Risk: Loss of access to SecOps capabilities and data during periods of geopolitical tension.</i></p>
<p>Modern SecOps platforms now typically operate as centralized SaaS control planes.</p>
<p>Security teams rely on them to investigate incidents, orchestrate responses, and manage automated detection capabilities. If access to these platforms is disrupted by sanctions, export controls, geopolitical disputes, or vendor decisions, security operations may be significantly impaired.</p>
<p>As geopolitical tensions increase, organizations are <a href="https://www.kuppingercole.com/blog/small/will-the-eus-cloud-sovereignty-framework-mitigate-geopolitical-cloud-risks">evaluating</a> whether critical digital services remain available during periods of international conflict or regulatory confrontation.</p>
<p>Organizations must therefore ask:</p>
<ul>
<li>Can we continue to detect threats if the service becomes unavailable?</li>
<li>Can we access historical security telemetry?</li>
<li>Can we export rules, playbooks, and threat intelligence?</li>
<li>Can we operate independently during a geopolitical crisis?</li>
</ul>
<p>These questions are familiar from cloud sovereignty debates, but acquire new urgency when the system being disrupted is the one detecting attacks.</p>
<h2>Infrastructure Risk</h2>
<p><i>Risk: Loss of access to SecOps capabilities and data.</i></p>
<p>Security operations platforms depend on cloud infrastructure, data processing facilities, networking services, and AI infrastructure.</p>
<p>Even where a security vendor offers regional hosting, dependencies may still exist on foreign-owned infrastructure, global management planes, or externally controlled AI services.</p>
<p>The sovereignty question therefore extends beyond where logs are stored to encompass the entire operational stack that processes, correlates, and analyzes security data.</p>
<h2>Supply Chain Risk</h2>
<p><i>Risk: Loss of Trust in the SecOps data and capabilities.</i></p>
<p>SecOps platforms incorporate multiple layers of third-party dependencies:</p>
<ul>
<li>Threat intelligence providers</li>
<li>AI and machine learning services</li>
<li>Cloud infrastructure providers</li>
<li>Open-source components</li>
<li>Managed detection services</li>
</ul>
<p>This creates complex supply chain dependencies that may not be visible to customers.</p>
<p>A sovereign SecOps strategy therefore requires transparency regarding who operates critical services, who controls updates, where AI models are hosted, and how dependencies are governed.</p>
<p>As with cloud sovereignty, supplier diversity and architectural openness become important mitigations.</p>
<h2>The CNAPP Challenge</h2>
<p>CNAPP are becoming the control plane for the AI-native business but are mostly US-owned. This creates a particularly interesting sovereignty challenge.</p>
<p>By design, CNAPP solutions aggregate data across cloud environments, identities, workloads, Kubernetes clusters, application pipelines, and security controls. They have become the single source of truth for cloud security posture and risk management.</p>
<p>This concentration of visibility creates significant value but also increases sovereignty concerns.</p>
<p>Organizations evaluating CNAPP solutions should therefore consider:</p>
<ul>
<li>Where security telemetry is processed</li>
<li>Who controls the management plane</li>
<li>Whether customer-controlled encryption is available</li>
<li>How data portability is supported</li>
<li>What happens during a geopolitical disruption</li>
<li>Whether AI-driven analysis can operate within sovereign boundaries</li>
</ul>
<p>As CNAPP platforms become increasingly AI-enabled, sovereignty considerations will extend to model training, inference locations, and control over security-related AI systems.</p>
<h2>Palo Alto Networks and Deutsche Telekom: A New Direction</h2>
<p>In June 2026, Palo Alto Networks and Deutsche Telekom announced <a href="https://www.paloaltonetworks.com/company/press/2026/palo-alto-networks-and-deutsche-telekom-bring-ai-driven-security-with-advanced-sovereignty-controls-for-european-regulated-industries">Sovereign Cortex with T Security</a>, a service that brings Palo Alto Networks' AI-driven Cortex SecOps platform to European regulated industries with sovereignty controls independently governed by Deutsche Telekom.</p>
<p>The significance of this announcement is not simply that data remains within Europe. Rather, it reflects a broader recognition that security operations platforms have themselves become sovereignty-sensitive infrastructure.</p>
<p>The announced offering combines Palo Alto Networks' security analytics and AI capabilities with Deutsche Telekom acting as a European trust anchor, providing governance and operational controls aligned with European sovereignty requirements. The initial target for this includes organizations in healthcare, financial services, the public sector, and critical national infrastructure.</p>
<p>Whether such approaches fully mitigate sovereignty concerns remains open to debate. Sovereign Cortex is itself hosted on Deutsche Telekom's Sovereign Google Cloud Platform, with Telekom Security holding the encryption keys in its own data centers: this layered architecture illustrates how difficult it is to separate European SecOps fully from US-controlled infrastructure. However, the announcement signals that the market is beginning to recognize SecOps sovereignty as an important distinct requirement.</p>
<h2>Final Thoughts</h2>
<p>The next phase of digital sovereignty will not be defined solely by cloud infrastructure.</p>
<p>As organizations increasingly rely on AI-driven security operations, sovereignty concerns must extend to platforms that monitor, analyze, and protect their digital environments. Security operations systems are becoming critical national and organizational infrastructure.</p>
<p>The key question is no longer: <i>"Where is my data?"</i></p>
<p>Instead, organizations must ask:</p>
<p><i>"Who controls my security operations, who can access them, and will they continue to function when geopolitical conditions deteriorate?"</i></p>
<p>SecOps sovereignty is about ensuring that organizations retain control of their security posture, incident response capabilities, and cyber resilience regardless of legal, political, or geopolitical disruption.</p>
<p>As sovereignty debates move beyond cloud infrastructure and into cybersecurity operations, SecOps and CNAPP platforms will the <a href="https://commission.europa.eu/document/download/09579818-64a6-4dd5-9577-446ab6219113_en?filename=Cloud-Sovereignty-Framework.pdf">EU Cloud Sovereignty Framework</a> be enough.</p>
<p>Join a <a href="https://www.kuppingercole.com/events/impactdays2026">KuppingerCole Impact Day</a> to get practical insights on identity, security, and digital transformation.</p>							]]></description>
		</item>
				<item>
			<dc:creator>Alejandro Leal</dc:creator>			<pubDate>Tue, 23 Jun 2026 10:49:31 +0200</pubDate>
			<title><![CDATA[Passwordless Authentication B2C - Airlock]]></title>
			<link>https://www.kuppingercole.com/research/bc81151/passwordless-authentication-b2c-airlock</link>
			<guid>https://www.kuppingercole.com/research/bc81151/passwordless-authentication-b2c-airlock</guid>
			<description><![CDATA[ Passwordless consumer authentication replaces reusable passwords with device-bound cryptographic credentials (FIDO2/WebAuthn passkeys) and local biometrics, reducing ATO and login friction while supporting privacy-by-design. Successful deployments hinge on CIAM integration, adaptive risk policies, secure device binding/sync, and robust recovery. Airlock IAM exemplifies a policy-driven CIAM with mature FIDO support, Swiss-hosted SaaS, and workflow-based orchestration.							]]></description>
		</item>
				<item>
			<dc:creator>Alexei Balaganski</dc:creator>			<pubDate>Mon, 22 Jun 2026 11:30:00 +0200</pubDate>
			<title><![CDATA[From Packets to Tokens: F5’s Bid to Secure the AI-Era Enterprise]]></title>
			<link>https://www.kuppingercole.com/blog/balaganski/from-packets-to-tokens</link>
			<guid>https://www.kuppingercole.com/blog/balaganski/from-packets-to-tokens</guid>
			<description><![CDATA[ <p>Recently, I was in London again, attending the analyst summit F5 held alongside its <a href="https://www.f5.com/appworld">AppWorld</a> event. Since this is also F5&rsquo;s 30th anniversary year, there was the expected amount of reflection on how much application delivery, security, cloud, and enterprise infrastructure have changed over the past three decades. There was also, inevitably, a lot of AI.</p>
<p>In this case, however, the AI story was connected to a real enterprise problem: complexity. Enterprises are not standardizing on one cloud, one application architecture, or one AI model. They operate across data centers, public clouds, edge locations, SaaS services, APIs, Kubernetes clusters, and AI inference environments. F5&rsquo;s message at AppWorld was that this complexity is not a temporary phase on the way to something cleaner but, in fact, the new operating model.</p>
<p>The company is repositioning application delivery as a strategic control point for the AI-era enterprise. In the roadmap session, F5 described the infrastructure shift as moving &ldquo;from packets to tokens,&rdquo; which may be the most precise framing. Traditional application delivery was about traffic, protocols, and availability. The next-generation application delivery stack must also understand APIs, models, agents, data flows, runtime policy, token costs, and AI-specific risks.</p>
<h2>Application Delivery Is Relevant Again</h2>
<p>The central story is F5&rsquo;s Application Delivery and Security Platform, or ADSP. This is the umbrella under which F5 is bringing together BIG-IP, NGINX, and Distributed Cloud Services capabilities like WAF, API security, bot defense, observability, and AI security. The ambition is obvious: make it the platform that delivers, secures, observes, and increasingly governs applications wherever they run.</p>
<p>Of course, every technology vendor wants to be a platform because &ldquo;platform&rdquo; has become the default claim of any company assembling more than two products. F5's claim is harder to dismiss than most. Large organizations already rely on F5 in the data path for critical application delivery, resilience, and security. The company is trying to extend an existing infrastructure position into a world where application traffic increasingly includes APIs, AI models, and autonomous agents.</p>
<p>This also fits a broader point I made recently in <a href="https://www.kuppingercole.com/blog/balaganski/api-security-core-of-enterprise-cyber-defense" target="_new">Why API Security Is Becoming the Core of Enterprise Cyber Defense</a>: APIs are no longer just developer plumbing. They are the channels through which business logic, data access, automation, and increasingly AI agents operate. Application delivery and API security are therefore no longer adjacent topics. They are becoming part of the same control problem.</p>
<h2>Hybrid Multicloud Is the New Baseline</h2>
<p>F5&rsquo;s event narrative was built around the idea that hybrid multicloud is no longer a transitional mess. It is the baseline. According to F5's own research, 93% of organizations now operate in hybrid multicloud environments, with F5 customers running applications across an average of more than 19 environments.</p>
<p>That complexity is precisely the problem <a href="https://www.f5.com/products/f5-insight">F5 Insight for ADSP</a> is designed to address. The company acknowledged that customers value the technology, but that understanding what it does, managing it across environments, and transferring knowledge between teams can be difficult. Insight is intended to change that by turning telemetry into natural-language explanations, root-cause analysis, application health views, and prioritized remediation guidance.</p>
<h2>APIs, AI, and Runtime Control</h2>
<p>F5 is extending API discovery and protection deeper into enterprise environments, including BIG-IP deployments and air-gapped local editions. API security is often discussed as if the main issue were public-facing APIs exposed through modern cloud gateways. In reality, many important APIs are internal, hybrid, undocumented, or connected to legacy systems.</p>
<p>Every time an AI application calls a model, every time an agent calls a tool, and every time a workflow stitches together services, <a href="https://www.kuppingercole.com/research/lb80920/no-api-security-no-ai-security">APIs are doing the work</a>. This is why F5&rsquo;s AI security story is strongest when framed around runtime control and remediation, not just detection. The combination of F5 AI Red Team, F5 AI Guardrails, and AI Remediate is meant to identify weaknesses, translate them into runtime protections, and let the customer decide when these protections go live.</p>
<p>That human-in-the-loop element is important. Agentic AI is not just an authentication problem or a prompt security problem. MCP servers, tool definitions, agents, and downstream integrations create a dependency graph that must be inventoried, reviewed, and monitored at runtime. A valid token does not mean safe behavior. It only means someone or something was allowed to connect.</p>
<p><a href="https://www.kuppingercole.com/blog/balaganski/agentic-ai-and-data-access-control">AI agents are changing the nature of data access</a> because they chain operations, combine data sources, and adapt behavior based on intermediate results. F5 does not own the data layer, but its position in the traffic path gives it a relevant enforcement and observation point for these new flows.</p>
<h2>Sovereignty and Resilience</h2>
<p>Digital sovereignty was another important theme, especially in the European context. F5 framed it as autonomy over data, technology stack, and operations, including where data lives, how quickly organizations recover from disruption, which infrastructure providers they depend on, and how much they rely on any single provider. That is the right direction, because digital sovereignty is often reduced to data residency, which is far too narrow.</p>
<p>For F5, sovereignty can be a tailwind. In the analyst Q&amp;A session, the company&rsquo;s leadership argued that many customers are moving away from overreliance on U.S. hyperscalers toward on-premises deployments, local cloud alternatives, and customer-controlled infrastructure. At the same time, F5 remains a US vendor, so the sovereignty message must be handled carefully. The stronger argument is not &ldquo;buy from us instead of hyperscalers&rdquo; but one centered on deployment choice, operational autonomy, and customer control over where critical functions run.</p>
<p>This also echoes the argument I made in <a href="https://www.kuppingercole.com/blog/balaganski/platform-dependence-growing-fragility?utm_source=chatgpt.com" target="_new">Platform Dependence and the Growing Fragility of the Internet</a>: resilience cannot be outsourced entirely. Platform consolidation creates efficiency, but it also creates dependency. Sovereignty without resilience is just a different form of fragility.</p>
<p><a href="https://www.kuppingercole.com/research/lb80919/crypto-agility">Cryptographic agility</a> is a case in point. F5 BIG-IP v21, highlighted at the event, adds support for hybrid ciphers combining classical ECC with ML-KEM - incremental and non-disruptive by design, which is precisely how infrastructure adapts before it is forced to.</p>
<h2>The Caveats: Convergence, Developers, and Agents</h2>
<p>There are still areas where F5 needs to prove execution. The first is platform convergence. ADSP is a compelling umbrella, but F5 must bring together several product families with different histories, deployment models, and operating assumptions. A genuinely converged platform would deliver common policies, shared telemetry, simpler operations, clearer packaging, and a realistic migration path.</p>
<p>The second is developer relevance. F5 was clear that its enterprise engagement model remains centered on NetOps and SecOps, not developers. And yet, agentic AI, MCP usage, and AI-assisted application development often start in development and test environments before reaching production. F5 does not need to become a developer tools company, but it will need a credible way to influence platform engineering and application design earlier in the lifecycle.</p>
<p>The third is agent identity. The industry has not yet established how to authorize agents continuously and in context, and F5 has no answer here either, at least not yet.</p>
<h2>Bottom Line</h2>
<p>F5 is addressing real enterprise conditions: hybrid multicloud complexity, expanding API surfaces, AI-driven traffic, digital sovereignty demands, and a persistent shortage of specialist expertise.</p>
<p>The opportunity is significant because F5 already sits where many of these problems converge: in the data path, close to applications, APIs, users, bots, models, and agents. The risk is that convergence becomes too complicated before it becomes useful. F5&rsquo;s job now is not to prove that it has enough products but to demonstrate that ADSP can become a coherent operating model for customers.</p>
<p>If F5 can make delivery, security, observability, and AI governance simpler across hybrid environments, the move from packets to tokens may give application delivery renewed strategic relevance.</p>							]]></description>
		</item>
				<item>
						<pubDate>Mon, 22 Jun 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Agents, Fabric, and the Unfinished Business of IAM, A Look Back at EIC 2026]]></title>
			<link>https://www.kuppingercole.com/watch/agents-fabric-iam</link>
			<guid>https://www.kuppingercole.com/watch/agents-fabric-iam</guid>
			<description><![CDATA[ <p data-pm-slice="1 1 []">Four weeks after EIC 2026 in Berlin, Matthias Reinwarth and Phillip Messerschmidt sit down to reflect on what the European Identity and Cloud Conference revealed about the state of identity and access management and what it means for the year ahead. Spoiler: agentic AI dominated, but it wasn't the only story.</p>
<p>Key Topics:</p>
<p>✅ Agentic AI as a new class of insider threat &mdash; autonomous, non-deterministic, and without ethics<br />✅ Data-centric defense vs. agent discovery: protect the vault, not the crowd<br />✅ Why dynamic authorization and behavior analytics are the IAM industry's urgent next step<br />✅ Data sovereignty and geopolitics: eroding trust in non-European SaaS vendors<br />✅ AuthZEN wins the EIC Award &mdash; a standard built before anyone knew the problem it would solve<br />✅ Martin Kuppinger's closing keynote: "Everything we failed to solve in the past decades bites back now"</p>
<p>"An agent behaves like a human insider threat &mdash; but without any sense of right or wrong." If your IAM program isn't ready for that, this episode is required listening.</p>
<p></p>				<br/><br/><a href="https://www.kuppingercole.com/watch/agents-fabric-iam"><img src="https://www.kuppingercole.com//videothumb/agents-fabric-iam/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 18 Jun 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Rethinking Privileged Access]]></title>
			<link>https://www.kuppingercole.com/watch/rethinking-pam</link>
			<guid>https://www.kuppingercole.com/watch/rethinking-pam</guid>
			<description><![CDATA[ <p>Historically, privileged access was associated primarily with human administrators responsible for maintaining servers, networks, and enterprise applications. That model no longer reflects how organizations operate today. This webinar draws on a Leadership Compass covering over 35 vendors to examine how PAM adapts to distributed infrastructure, cloud-native systems, and machine-driven activity. It explores how privilege is discovered, governed, and enforced across environments where access is ephemeral, policy-driven, and continuously changing.</p>
<p>Alejandro Leal, Senior Analyst at KuppingerCole Analysts will explore how PAM vendors are addressing NHIs, cloud entitlements, and real-time authorization challenges. They will analyze the convergence of PAM with IGA and CIEM, while highlighting gaps, vendor strategies, and implications for modern security architectures.</p>
<p><strong>Key Takeaways:</strong></p>
<ul>
<li>Understand how privilege access has shifted over the years</li>
<li>Learn how NHIs and Agentic AI reshape PAM priorities and risk models</li>
<li>Explore PAM capabilities beyond vaulting and session control</li>
<li>Examine convergence between PAM, IGA, and CIEM</li>
<li>Assess vendor approaches across global PAM markets</li>
</ul>				<br/><br/><a href="https://www.kuppingercole.com/watch/rethinking-pam"><img src="https://www.kuppingercole.com//videothumb/rethinking-pam/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 17 Jun 2026 12:21:13 +0200</pubDate>
			<title><![CDATA[Nov 27, 2026: Identity-Centric Cybersecurity Summit]]></title>
			<link>https://www.kuppingercole.com/events/icc-summit-2026</link>
			<guid>https://www.kuppingercole.com/events/icc-summit-2026</guid>
			<description><![CDATA[ 							]]></description>
		</item>
				<item>
						<pubDate>Wed, 17 Jun 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Navigating B2B IAM: Leadership Compass Results Revealed]]></title>
			<link>https://www.kuppingercole.com/watch/navigating-b2b-iam</link>
			<guid>https://www.kuppingercole.com/watch/navigating-b2b-iam</guid>
			<description><![CDATA[ <p>This webinar presents a first look at the findings of KuppingerCole's Leadership Compass on B2B Identity and Access Management, a rigorous, vendor-neutral evaluation of platforms built to manage authenticated and authorized interactions across organizational boundaries.</p>
<p>Attendees will get a preview of the Leader chart along with analyst commentary on methodology, market structure, and the capabilities that define high performers. Whether you are building a B2B IAM strategy, evaluating solutions, or benchmarking your own platform, this session delivers structured insight grounded in primary research.</p>
<p>John Tolbert, Director of Research and Lead Analyst at KuppingerCole, has enterprise practitioner experience and deep analyst expertise to this topic. Before joining KuppingerCole, John worked as a security specialist at Fortune 500 companies and tech startups, giving him firsthand exposure to the operational realities that B2B IAM solutions must address. He will walk through the Leader chart, explain the evaluation methodology, and share candid observations on what the market is getting right and where gaps remain. Participants will leave with a sharper analytical lens for evaluating solutions in this space.</p>
<p><strong>Key Takeaways</strong></p>
<ul>
<li>Understand what B2B Identity and Access Management (B2B IAM) is and why it requires a distinct evaluation framework from workforce IAM and CIAM</li>
<li>Get a first look at the KuppingerCole's Leadership Compass on B2B Identity and Access Management, including a preview of the Leader chart and insights into the evaluation methodology</li>
<li>Learn which capabilities separate market leaders from the rest, including identity federation, delegated administration, partner lifecycle management, fine-grained authorization, and Know Your Business (KYB)</li>
<li>Explore emerging trends shaping the B2B IAM market, such as federated background checks, AI-assisted governance, and evolving regulatory requirements</li>
<li>Gain practical guidance for evaluating B2B IAM platforms, understanding common solution gaps, and defining selection criteria for your organization</li>
</ul>				<br/><br/><a href="https://www.kuppingercole.com/watch/navigating-b2b-iam"><img src="https://www.kuppingercole.com//videothumb/navigating-b2b-iam/400"></a>			]]></description>
		</item>
				<item>
			<dc:creator>Alejandro Leal</dc:creator>			<pubDate>Tue, 16 Jun 2026 11:00:00 +0200</pubDate>
			<title><![CDATA[Why the EU's Tech Sector Is Growing]]></title>
			<link>https://www.kuppingercole.com/blog/leal/eu-tech-sector-is-growing</link>
			<guid>https://www.kuppingercole.com/blog/leal/eu-tech-sector-is-growing</guid>
			<description><![CDATA[ <p>For years, discussions about the European Union's (EU) technology sector have tended to focus on what it lacks. Investment. Scale. Speed. The conversation often begins with Europe's weaknesses and ends with comparisons to the United States (US).</p>
<p>Yet beneath the headlines, a different story has been unfolding.</p>
<ul>
<li>Recent <a href="https://www.economist.com/business/2026/03/01/at-last-reasons-to-be-cheerful-about-european-tech">data</a> suggests that more technology professionals are moving from the US to Europe than in the opposite direction.</li>
<li>The EU's technology sector has become an increasingly important contributor to the economy. In 2023, it generated more than <a href="https://ec.europa.eu/eurostat/statistics-explained/index.php?title=ICT_sector_-_value_added,_employment_and_R%26D">&euro;816 billion</a> in value added, representing 5.24% of the EU's total gross value added (GVA).</li>
<li>Between 2015 and 2025, the number of funded tech companies in the EU increased from <a href="https://www.investeurope.eu/news/newsroom/state-of-european-tech-2025-a-roadmap-to-unlock-further-tech-growth/">13,000</a> to <a href="https://www.one.gob.es/en/contents/european-startup-ecosystem-numbers">40,000</a>.</li>
<li>Venture investment in European defense tech reached <a href="https://www.mckinsey.com/industries/aerospace-and-defense/our-insights/european-defense-by-the-numbers" target="_blank">&euro;2.5 billion</a> in 2025, more than 10-fold since 2020. For comparison, venture investments into US-based defense tech startups totaled approximately <a href="https://www.jpmorgan.com/insights/business-planning/defense-tech-innovation-and-the-role-of-startups">$38 billion</a> through the first half of 2025.</li>
<li>Over the past decade, the number of ICT specialists in the EU <a href="https://ec.europa.eu/eurostat/statistics-explained/SEPDF/cache/47162.pdf">increased by 59.4%</a>, more than 6 times the increase (9.8%) in total employment.</li>
<li>In 2025, after three consecutive years of declining investment, the European venture capital market showed signs of recovery with <a href="https://cepr.org/voxeu/columns/venture-capital-challenge-europe">&euro;66.2 billion</a> invested. Approximately <a href="https://www.stateofeuropeantech.com/chapters/executive-summary#firepower-for-ambition">36% of European VC</a> funding went to tech companies that year, up from just 19% in 2021.</li>
</ul>
<p>These statistics do not put the EU on equal footing with the US. However, they reflect a gradual shift in investor confidence. Although Europe lags behind the US and China in terms of overall size, its technology ecosystem is growing in ways that warrant closer attention.</p>
<h2>The Sovereignty Debate</h2>
<p>Over the past year, discussions around digital sovereignty have moved from the margins of policy debates to the center of the EU's technology agenda. A series of geopolitical and economic developments have contributed to this shift, including supply chain disruptions, growing tensions between the US and China, the extraterritorial reach of legislation such as the <a href="https://www.justice.gov/criminal/cloud-act-resources">U.S. CLOUD Act,</a> and broader concerns about Europe's dependence on foreign cloud providers, artificial intelligence (AI) infrastructure, semiconductors, and critical digital services.</p>
<p>Together, these developments have prompted policymakers to examine whether the EU can maintain sufficient control over the technologies upon which its economy, public services, and critical infrastructure increasingly depend.</p>
<p>As this KuppingerCole Analysts&rsquo; <a href="https://www.kuppingercole.com/research/an81078/digital-sovereignty-and-the-emerging-european-defense-sector">Advisory Note</a> argues, the real question is not whether digital sovereignty supports the EU's technological and economic interests, but rather how digital sovereignty can be structured to support these interests without undermining security or economic competitiveness.</p>
<p>Against this backdrop, the European Commission introduced the <a href="https://ec.europa.eu/commission/presscorner/detail/en/ip_26_1187">European Technological Sovereignty Package</a> on June 3rd, 2026. The initiative aims to strengthen the EU's capabilities in semiconductors, AI, cloud infrastructure, and open-source technologies.</p>
<p>As Commission President Ursula von der Leyen noted, the objective is to ensure that Europe can "make its own choices" when it comes to the technologies on which its economy increasingly depends.</p>
<p>The package includes two legislative proposals. The first, the proposed <a href="https://digital-strategy.ec.europa.eu/en/library/proposal-chips-act-20">Chips Act 2.0</a>, seeks to expand semiconductor capacity, support strategic investments, and strengthen links between chipmakers and growing sectors, such as cloud, data centers, and AI. The <a href="https://digital-strategy.ec.europa.eu/en/policies/cloud-and-ai-development-act">Cloud and AI Development Act</a> complements this by aiming to significantly increase European data center capacity while supporting sustainable AI innovation and establishing a common framework for assessing cloud and AI sovereignty.</p>
<p>Additionally, the package includes an <a href="https://digital-strategy.ec.europa.eu/en/policies/open-source-strategy">Open Source Strategy</a> that will support a stronger open-source ecosystem by investing in skills, open-source start-ups, and the long-term maintenance and security of Europe&rsquo;s open-source digital infrastructure. These efforts may not generate the same attention as billion-dollar funding rounds, but they create the foundations that allow digital businesses to emerge and scale.</p>
<p>Beyond the immediate implications for software development and innovation, these investments also matter for cybersecurity and identity and access management (IAM) professionals. Strong digital ecosystems create demand for secure authentication, digital trust services, identity verification, and privacy-preserving technologies.</p>
<p>They also increase the need for interoperable identity frameworks capable of supporting cross-border digital services, digital wallets, and emerging AI-driven applications. As organizations adopt more cloud-based and distributed architectures, identity increasingly becomes the control plane through which access, trust, and governance are enforced.</p>
<h2>From Growth to Strategy</h2>
<p>For decades, the US acted as the primary destination for technology professionals from around the world. As noted earlier, however, migration patterns have begun to shift. According to <a href="https://www.reveliolabs.com/news/tech/from-silicon-valley-to-the-seine-europe-is-gaining-tech-workers/">recent analysis</a>, the flow of technology talent toward Europe has increased, supported by growing innovation hubs in cities such as London, Berlin, Paris, Dublin, and Stockholm.</p>
<p>Political developments, immigration policies, and changing perceptions of opportunity have all contributed to this trend. Whether this trend proves temporary or permanent remains uncertain. Nevertheless, access to skilled engineers, researchers, and entrepreneurs remains one of the most important ingredients in building successful technology ecosystems.</p>
<p>Europe&rsquo;s technology growth is often framed as an economic issue. It is increasingly a strategic and geopolitical one. The debate around digital sovereignty is not simply about reducing dependence on foreign technology providers. It is also about ensuring that the EU can develop, retain, and scale its own capabilities in critical digital sectors.</p>
<p>However, the EU continues to face substantial gaps in scale, investment, and market fragmentation when compared to the US and China. Yet the direction of travel is becoming clearer. Policymakers increasingly view technological capability as a strategic asset, one that affects economic competitiveness, security, resilience, and long-term prosperity.</p>
<p>As outlined in the <a href="https://commission.europa.eu/topics/eu-competitiveness/draghi-report_en" target="_blank">Draghi</a> report, for tech companies to scale and grow, the EU must expand venture capital and continue to promote an independent digital ecosystem that empowers European startups to grow at home, whether that&rsquo;s in Dublin or Paris, and not flee to Silicon Valley or Shenzhen.</p>
<p>Europe still faces significant challenges. Yet the recent growth in investment, digitization, talent attraction, and strategic initiatives suggests that the conversation can no longer begin and end with comparisons to the US. Increasingly, the story is about what Europe is building.</p>							]]></description>
		</item>
				<item>
						<pubDate>Mon, 15 Jun 2026 08:29:21 +0200</pubDate>
			<title><![CDATA[Jul 22, 2026: Zero Trust Platforms: One Policy Layer for Everything]]></title>
			<link>https://www.kuppingercole.com/events/zero-trust-platforms</link>
			<guid>https://www.kuppingercole.com/events/zero-trust-platforms</guid>
			<description><![CDATA[ Most enterprises now have a Zero Trust initiative. Fewer can point to a Zero Trust architecture. MFA, ZTNA, microsegmentation, posture assessment, API security, and identity governance often remain distributed across separate tools, policies, and control planes. The result is familiar: attackers with valid credentials can still exploit gaps between systems, move laterally, and abuse machine identities that are poorly governed or barely visible.							]]></description>
		</item>
				<item>
						<pubDate>Mon, 15 Jun 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[B2B Identity & Access Management: A New Market Unpacked]]></title>
			<link>https://www.kuppingercole.com/watch/b2b-iam-new-market-unpacked</link>
			<guid>https://www.kuppingercole.com/watch/b2b-iam-new-market-unpacked</guid>
			<description><![CDATA[ <p data-pm-slice="1 1 []">Business relationships are complex and traditional IAM wasn't built for them. In this episode, Matthias Reinwarth sits down with Principal analyst John Tolbert, author of KuppingerCole Analysts' first-ever B2B IAM Leadership Compass, to explore why Business-to-Business Identity and Access Management is emerging as its own distinct market and what it takes to get it right.</p>
<p><strong>Key Topics:<br /></strong>✅ Why B2B IAM sits between workforce IAM and CIAM &mdash; and why neither alone is sufficient<br />✅ Delegated administration: handing identity governance to partner and supplier organizations<br />✅ Federation, lifecycle management, and the risks of trusting external HR processes<br />✅ "Know Your Business" &mdash; vetting organizations, sanctions screening, and org-level trust<br />✅ Fine-grained authorization: why RBAC falls short and ABAC/RBAC are taking over<br />✅ Agentic AI in B2B IAM: agents acting on behalf of external organizations</p>
<p>Supply chains with thousands of partner organizations, freelancers with hour-long access windows, and AI agents acting on behalf of external companies B2B IAM has to handle all of it.&nbsp;KuppingerCole Analysts' first B2B IAM Leadership Compass is out now read it alongside this episode to get the full picture of an emerging market you can't afford to ignore.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/b2b-iam-new-market-unpacked"><img src="https://www.kuppingercole.com//videothumb/b2b-iam-new-market-unpacked/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 12 Jun 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Is Your CDN Secure? CDN vs. DDoS Mitigation Unpacked with Qrator Labs]]></title>
			<link>https://www.kuppingercole.com/watch/videocast-qrator-secure-cdn</link>
			<guid>https://www.kuppingercole.com/watch/videocast-qrator-secure-cdn</guid>
			<description><![CDATA[ <p data-pm-slice="1 1 []">Speed and security are no longer separate concerns. In this videocast, Osman Celik sits down with Andrey Leskin, CTO of Qrator Labs, to break down what Content Delivery Networks really are in 2026 and why they've become a critical piece of modern security infrastructure, not just a performance tool.</p>
<p><strong>Key Topics:</strong></p>
<p>✅ What CDNs are and why they're no longer optional for competitive organizations<br />✅ How CDN and DDoS mitigation differ &mdash; and where they overlap<br />✅ Cache busting, HTTP floods, Slowloris and other real-world attack vectors<br />✅ Why "security-first CDN" is fundamentally different from "CDN with security bolted on"<br />✅ What CISOs and infrastructure leaders should look for when evaluating CDN solutions<br />✅ How to measure CDN value from day one: round trip time and time to render</p>
<p><em>A CDN without security is just a bigger target &mdash; find out why building security in from the ground up changes everything.</em></p>				<br/><br/><a href="https://www.kuppingercole.com/watch/videocast-qrator-secure-cdn"><img src="https://www.kuppingercole.com//videothumb/videocast-qrator-secure-cdn/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 10 Jun 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From SAP IDM to Modern IGA: Closing the AD Lifecycle Gap Before 2027]]></title>
			<link>https://www.kuppingercole.com/watch/sap-idm-to-modern-iga</link>
			<guid>https://www.kuppingercole.com/watch/sap-idm-to-modern-iga</guid>
			<description><![CDATA[ <p>SAP Identity Management reaches end of mainstream maintenance in December 2027, and every IGA vendor is offering a replacement. But most migration guidance misses a critical gap: organizations following SAP's recommended path to Microsoft Entra will still lack proper Active Directory lifecycle management. This leaves identities, entitlements, and compliance exposure unresolved when the clock runs out.</p>
<p>This webinar cuts through the market noise to address what generic replacement messaging ignores: the governance risks that emerge *during* transition, the structural limitations of Entra-only strategies for AD lifecycle, and how behavioral analytics can surface over-provisioning before it follows you into your new environment.</p>
<p><strong>Nitish Deshpande, Senior Analyst at KuppingerCole Analysts</strong>, will examine the identity governance transformation that SAP IDM end of life demands, beyond just the platform replacement. He will assess the market landscape, outline what organizations most commonly overlook in migration planning, and discuss how behavioral-driven governance strengthens compliance and reduces entitlement risk across hybrid environments.</p>
<p><strong>Robert Kraczek, Global Strategist at One Identity</strong>, will present a practical approach to SAP IDM migration using Identity Manager available on-premises or hosted via Identity Manager On Demand, alongside Active Roles for AD and Entra ID lifecycle management. He will explain why Entra alone does not close the AD governance gap, how Identity Manager's consistent governance model spans SAP and non-SAP systems regardless of deployment model, and what organizations should prioritize to reach the 2027 deadline without sacrificing governance continuity.</p>
<p></p>				<br/><br/><a href="https://www.kuppingercole.com/watch/sap-idm-to-modern-iga"><img src="https://www.kuppingercole.com//videothumb/sap-idm-to-modern-iga/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Mon, 08 Jun 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PAM Is No Longer a Vault: The New Identity Security Layer]]></title>
			<link>https://www.kuppingercole.com/watch/pam-no-longer-a-vault</link>
			<guid>https://www.kuppingercole.com/watch/pam-no-longer-a-vault</guid>
			<description><![CDATA[ <p data-pm-slice="1 1 []">Privileged Access Management has outgrown the vault. In this episode, Matthias sits down with lead analyst Alejandro Leal, author of KuppingerCole's newly released PAM Leadership Compass, to explore how the definition of privilege itself has changed, what NHIs and agentic AI mean for PAM, and why deployment sovereignty is now a boardroom conversation.</p>
<p><strong>Key Topics:</strong></p>
<p>✅ How the definition of "privilege" has shifted from admin accounts to dynamic runtime identity capabilities<br />✅ PAM convergence with IGA, CIEM, ITDR, SIEM, and SOAR &mdash; the end of the standalone PAM product<br />✅ Non-Human Identities (NHIs) and agentic AI: the silent accumulation of machine privilege<br />✅ Just-in-time access: the gap between concept and operational reality<br />✅ Deployment sovereignty: who controls the keys to the kingdom &mdash; SaaS, on-prem, or hybrid?<br />✅ AI and ML in PAM: separating genuine innovation from marketing inflation</p>
<p>"Most enterprises can tell you the number of employees they have &mdash; very few can tell you the number of machine identities." If that sounds familiar, this episode is for you.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/pam-no-longer-a-vault"><img src="https://www.kuppingercole.com//videothumb/pam-no-longer-a-vault/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 04 Jun 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Unified Governance Across SAP and Business Applications]]></title>
			<link>https://www.kuppingercole.com/watch/heterogeneous-it</link>
			<guid>https://www.kuppingercole.com/watch/heterogeneous-it</guid>
			<description><![CDATA[ <p>As organizations expand beyond SAP into hybrid ecosystems of SaaS and LoB applications, governance becomes fragmented and inconsistent. Traditional access control approaches no longer suffice, requiring a shift toward holistic Business Application Risk Management that leverages integrated technologies, automation, and real-time analytics to ensure consistent policy enforcement and visibility.</p>
<p>Martin Kuppinger, Founder and Distinguished Analyst at KuppingerCole Analysts will explore the evolution from SAP-centric access control to unified governance across heterogeneous environments. He will highlight key findings from Leadership Compass reports, SAP Access Control &amp; Security and Business Application Risk Management, discuss emerging trends, outline essential solution capabilities, and provide practical guidance on selecting technologies for effective risk management.</p>
<p>This webinar is designed for IT security leaders, IAM professionals, and enterprise architects seeking to modernize governance strategies across SAP and non-SAP environments.</p>
<p><strong>&nbsp;</strong></p>				<br/><br/><a href="https://www.kuppingercole.com/watch/heterogeneous-it"><img src="https://www.kuppingercole.com//videothumb/heterogeneous-it/400"></a>			]]></description>
		</item>
				<item>
			<dc:creator>Christopher Schütze</dc:creator>			<pubDate>Wed, 03 Jun 2026 11:00:00 +0200</pubDate>
			<title><![CDATA[From the Floor, Not the Stage: An Advisory View on EIC 2026]]></title>
			<link>https://www.kuppingercole.com/blog/schuetze/advisory-view-on-eic-2026</link>
			<guid>https://www.kuppingercole.com/blog/schuetze/advisory-view-on-eic-2026</guid>
			<description><![CDATA[ <p>This was my seventh EIC as a KuppingerCole Analysts employee. And there are people in this community who have been coming for all nineteen years. What brings both groups back, and what draws new people in every year, is the same thing. This conference feels less like an industry event and more like a reunion of people who are genuinely working on the same hard problems.</p>
<p>What I notice year over year is simple. The conversations are getting more substantive, more cross-functional, and increasingly focused on the hardest aspects of IAM. And when you run into someone you worked with twelve years ago and spend ten minutes catching up on where those IAM programs stand today, that conversation alone tells you more about the state of the industry than most analyst reports.</p>
<p>Here is my take on EIC 2026 from where I sat. The short version: AI is setting the agenda, but the baseline work is setting the pace.</p>
<h2>Agentic AI Was Everywhere. And Rightly so.</h2>
<p>Agentic AI dominated the agenda this year, and rightly so. The implications for identity, authorization, and governance are profound. Martin Kuppinger's keynote extended the Fabric concept beyond identity, introducing the Cybersecurity Fabric and the AI Fabric as related but distinct architectures that share capabilities while serving different purposes. The same structured thinking that makes the Identity Fabric a useful tool for IAM architects now applies across a broader security and AI governance landscape.</p>
<p>That framing matters. Because what we see in Advisory conversations is exactly that challenge: organizations trying to make sense of overlapping capabilities, overlapping tools, and overlapping responsibilities across identity, security, and AI. The Fabric model gives them a way to think about that without starting from scratch.</p>
<p>There is a deeper tension here though. IAM has always been a slow-moving discipline by nature. But for roughly the last three to five years, the pace of change has fundamentally shifted. AI, non-human identities, agentic systems: these are not incremental developments. They are structural shifts arriving faster than most IAM teams can absorb. The technology is already in production. The governance frameworks, the best practices, the full lifecycle solutions: they are still catching up. That gap is real, and it was present in almost every serious conversation at the EIC. And it hits hardest where it was already difficult: IAM teams that were understaffed before AI arrived are now at serious risk of falling so far behind that catching up becomes structurally impossible.</p>
<p>But here is the Advisory observation: the organizations we talked to are not yet at the point of governing AI agents. Most of them are still working through foundational IAM challenges. CIAM strategy, IGA tool choices, target operating models, organizational alignment. Which raises the question that nobody has fully answered yet: how do we bring together where organizations actually are in their IAM maturity with what governing AI agents will require? That gap is the defining challenge the industry is now walking into.</p>
<h2>The Identity Fabric Is Not Yet Common Knowledge</h2>
<p>We opened our Tuesday workshop with a simple question: how many of you are familiar with the Identity Fabric concept?</p>
<p>More than half of the room had not encountered it before.</p>
<p>This is not a failure. It is a signal. The EIC community is growing. New people are entering the field, facing identity challenges for the first time, looking for frameworks that help them make sense of complexity. What landed was not a sales pitch but a structured way of thinking: the Identity Fabric, and our Reference Architecture combined with our Maturity Assessment as a practical starting point that gives organizations a clear path from where they are to where they need to be.</p>
<p>The workshop was full. And when Fressnapf's Lisa Zimmermann took the stage to walk through how we applied the Identity Fabric and the Maturity Assessment in a real project, the room got very quiet. That is what a real reference customer does. It turns a methodology into proof. &nbsp;&nbsp;</p>
<h2>When Practice Meets Theory</h2>
<p>One of the highlights of the week was Patrick Teichmann together with Oliver Schluga from Erste Digital on stage. What they presented was not a polished success story. It was an unfiltered account of what a large-scale IAM transformation actually looks like in practice, inside one of the biggest banking groups in Central and Eastern Europe.</p>
<p>The message they brought to the stage was one that resonates with almost every organization we work with: IAM has to fit the organization, accounting for its specific context and constraints, without becoming a collection of isolated solutions. That sounds obvious. In practice, it is one of the hardest things to get right. Erste Digital had started where almost every organization starts, with a clean top-down concept, business roles neatly aligned to processes, everything mapped out on paper. But when that concept met the actual environment, with eighty thousand users spread across different authorization systems ranging from SAP and Office 365 to AWS, GCP, and proprietary layers that had grown organically over years, the gap between theory and reality became impossible to ignore. The only viable path forward was the combined approach: understand what actually exists, identify what works, and build from there rather than trying to impose a structure the environment could not support.</p>
<p>What made this land was seeing a real project, with real complexity, presented without a filter. That kind of practitioner transparency is rare and exactly what a room full of people dealing with the same challenges needs to hear.</p>
<p>This connects to one of the sharpest recurring questions from the week: RBAC is dead, yes, but how does an organization actually move toward dynamic authorization in a way that fits its reality? What does that transformation look like in practice, not in a whitepaper? Erste Digital's journey is one of the most concrete answers to that question available right now.</p>
<p>For Advisory, this is exactly the conversation we have with clients every week. The technology is rarely the bottleneck. The organizational alignment, the business involvement, the ownership model: that is where projects succeed or fail. Seeing it confirmed live by a practitioner, in front of a room full of people dealing with the same challenges, is the kind of moment that makes the EIC worth attending.</p>
<h2>What Organizations Are Actually Asking For</h2>
<p>The Luncheon this year ran as an open dialogue around questions that turned out to be more loaded than they sound: what does the IAM professional look like in the future, given AI? And how do you actually operationalize all of these topics in practice? Both triggered long conversations. Because the straightforward answer to both is: nobody really knows yet, and most organizations are figuring it out as they go.</p>
<p>Nowhere was this more visible than in the governance debates around AI. The spectrum of positions in the room ran from "humans must have the final word on everything and must understand every decision" all the way to "agents need to run fully autonomously, with independent models validating each other's actions." Both positions have logic behind them. The reality will be somewhere in the middle. But the open question, the one that nobody could answer clearly, is whether that middle ground will satisfy auditors and regulators. That question is not rhetorical. It is one of the most consequential open problems in the field right now. On AIdentity specifically, intent security emerged repeatedly as the topic generating the most uncertainty. Not because people lacked opinions, but because the existing frameworks and best practices only partially apply. The field is still crystallizing what good looks like.</p>
<p>CIAM is a major topic. Multiple organizations, across banking, retail, and manufacturing, are in the middle of tool selections, implementation projects, or strategic realignments. The questions being asked are very concrete and operational. Organizations want to know whether a tool will actually cover their authorization requirements, what the target operating model looks like once it is live, and who owns and runs it three years down the line.</p>
<p>IGA governance is the other recurring thread. Some are carrying self-built solutions that have outgrown their original design and need a strategic path forward. Others are mid-implementation and realizing that the governance model was never properly defined to begin with. And in more cases than one might expect, the tooling is actually working fine, but the organizational alignment around it is not.</p>
<p>A third pattern was AI and Identity. Organizations across industries came in asking about AI and identity, and what quickly became clear was how much uncertainty still exists. Not about whether AI matters for IAM, but about how to actually approach it. How do you manage machine identities in practice? How do you think about access for AI systems? How does any of this integrate into an IAM program that is already in flight? The questions were real. The answers, in most cases, are still being worked out.</p>
<h2>The Value of Being Present</h2>
<p>What stood out this year was where the best conversations actually happened. Rarely at the booth, more often at the side events, over dinner, or in the corridors between sessions. The informal setting changes the dynamic completely.</p>
<p>The EIC creates a concentration of the right people in the right place that simply does not exist anywhere else in Europe for this domain. CISOs, IAM leads, architects, and decision makers, all in one building for four days, all focused on the same set of challenges.</p>
<p>For Advisory, that density translates directly into meaningful engagement across financial services, retail, manufacturing, energy, and the public sector, with organizations working through the same core questions from very different starting points.</p>
<h2>The Bottom Line</h2>
<p>EIC 2026 confirmed what we see in project work every week. The identity market is maturing, but unevenly. Agentic AI is the headline topic, and the underlying research and thinking from KuppingerCole is strong. But for most organizations, the path to governing AI agents runs straight through the IAM fundamentals they have not yet fully solved.</p>
<p>That is exactly what Advisory is for. Helping organizations understand where they actually stand, where they need to go, and what a realistic path between the two looks like.</p>
<p>See you at <a href="https://www.kuppingercole.com/events/eic2027">EIC 2027</a>.</p>							]]></description>
		</item>
				<item>
			<dc:creator>Alexei Balaganski</dc:creator>			<pubDate>Tue, 02 Jun 2026 16:00:00 +0200</pubDate>
			<title><![CDATA[Your AI Agent Has a Supply Chain Problem]]></title>
			<link>https://www.kuppingercole.com/blog/balaganski/your-ai-agent-has-a-supply-chain-problem</link>
			<guid>https://www.kuppingercole.com/blog/balaganski/your-ai-agent-has-a-supply-chain-problem</guid>
			<description><![CDATA[ <p>Enterprise AI has a new dependency problem, and it is arriving through MCP faster than most organizations can inventory it. The Model Context Protocol is becoming the connective tissue between agents, tools, data sources, developer environments, and business applications. That makes it useful. It also makes it dangerous, because the servers carrying that traffic are executable components in an expanding software supply chain, not passive plumbing.</p>
<p>As a scuba diver, I quickly learned that admiring the reef can never be my top priority. The unglamorous gear, the regulator and valves and gauges checked before the descent, is what decides whether a dive stays controlled. MCP is becoming that gear for enterprise AI: essential, increasingly invisible, and too often trusted before anyone has inspected it.</p>
<p>The MCP servers now spreading through enterprises are not just connectors. They are an unchecked dependency graph with access to tools, data, credentials, and business workflows. Many organizations adopting them cannot reliably say where a given server came from, who wrote it, what version is running, which permissions it holds, or what it does after the connection succeeds.</p>
<p><img src="/pics/mcp_dependency_graph.png" alt="" /></p>
<p>Recent MCP incidents have mostly been treated as normal software defects. A flaw appears, an advisory follows, the vendor ships a fix, and everyone applies it. Consider <a href="https://nvd.nist.gov/vuln/detail/CVE-2026-32173">CVE-2026-32173</a> in which a missing authentication check let an unauthenticated caller access data it should never have seen. A patch fixed it, but it is the reflex behind it that is the real problem. Each patch fixes one defect and leaves untouched the thing that keeps producing them.</p>
<p>The larger pattern is that MCP is turning agentic AI into a supply chain and runtime governance challenge. In our research library, two recent KuppingerCole Analysts Leadership Briefs explain why <a href="https://www.kuppingercole.com/research/lb80918/model-context-protocol">MCP is the API security problem nobody is ready for</a>, and <a href="https://www.kuppingercole.com/research/lb80920">without API security there is no AI security</a>. Both hold because MCP routes requests, mediates access to enterprise systems, and inherits the API governance failures organizations already had. But API security is necessary here, not sufficient. The supply chain dimension is the part the industry keeps <a href="https://www.kuppingercole.com/blog/balaganski/software-supply-chain-security">importing without inspecting</a>.</p>
<p>The access-control layer is finally maturing. The <a href="https://modelcontextprotocol.io/specification/2025-11-25/basic/authorization">MCP authorization specification</a> defines authorization for HTTP-based transports, <a href="https://owasp.org/www-project-mcp-top-10/">OWASP has published an MCP Top 10</a>, and secure transport is getting real attention. These steps help answer who is allowed to connect and what scope they hold. They do not answer the harder question: what local commands, file paths, secrets, APIs, and downstream tools an MCP server can actually reach, and whether those capabilities are fixed, reviewed, and monitored.</p>
<p><img src="/pics/auth_token_gap.png" alt="" /></p>
<h2>The Recurrence Is the Signal</h2>
<p>Consider the <a href="https://www.ox.security/blog/mcp-supply-chain-advisory-rce-vulnerabilities-across-the-ai-ecosystem/">STDIO transport issue documented by OX Security</a> in April 2026. It affects environments that automatically load or invoke MCP tools from configuration files, IDE extensions, marketplaces, or agent workflows. This is not a bug. It is a systemic weakness in implementations where untrusted MCP server configurations can lead to arbitrary command execution through official SDK behavior and common client integrations.</p>
<p>The problem is not only that one implementation got it wrong. It is that the same risky pattern keeps moving through the MCP ecosystem, while every downstream developer is left to catch and fix it locally. Many organizations were exposed to Log4Shell in 2021 through code they did not write and systems they had not fully inventoried. MCP can create the same blind spot, with tool behavior and server code inherited before anyone has reviewed them.</p>
<p>Then came the <a href="https://thehackernews.com/2026/04/claude-code-tleaked-via-npm-packaging.html">Claude Code source exposure</a> through a packaging error. Within days, fake &ldquo;unlocked&rdquo; Claude Code repositories were <a href="https://www.bleepingcomputer.com/news/security/claude-code-leak-used-to-push-infostealer-malware-on-github/">distributing the Vidar infostealer</a>. The lesson was painfully familiar: developer trust, package distribution, local configuration, and agentic tooling collapse into one attack surface very quickly. KuppingerCole Analysts has tracked this same run of <a href="https://www.kuppingercole.com/research/wp81294/aidentity-s-answer-to-mcp-server-incidents">malicious and compromised MCP servers</a> across 2025 and into 2026.</p>
<p>The remediation advice from experts was obvious. It was also pure software supply chain language, and the industry reached for it by instinct even while continuing to file these incidents under API security. That instinct is correct. After all, there is no patch for a server doing exactly what its definition told it to do.&nbsp;</p>
<h2>What Organizations Need to Do Now</h2>
<p>The real question is no longer whether an MCP server is authenticated. Authentication still matters. The question that matters more is whether anyone has audited what each MCP server is, where it came from, and what it is allowed to do. Treat tool definitions as software supply chain assets.</p>
<ol>
<li>Start with inventory. You cannot govern a dependency graph you have never enumerated. Scan for MCP and SSE endpoints, identify the servers nobody registered, and bring the <a href="https://www.kuppingercole.com/blog/gardiner/from-shadow-saas-to-shadow-ai-the-growing-security-gap-no-one-owns">shadow AI surface</a> under control.</li>
<li>Treat MCP manifests, server packages, skills, and agent configuration as production software, not convenience. Approved registries, pinned versions, validated provenance, and human review are the minimum bar before any tool definition reaches enterprise use. In practice, that means handling them like raw npm dependencies.</li>
<li>Stop treating a valid token as evidence of safety. A token tells you who connected but says nothing about the code behind the connection, which is exactly the gap <a href="https://www.kuppingercole.com/research/an80990/from-machine-identity-to-agentic-ai-charting-the-nhi-continuum">non-human identity governance</a> has to close as agents multiply.</li>
<li>Put CLAUDE.md files, skills, prompts, and agent configurations under the same review as an external pull request. In many environments, that is precisely what they are: instructions arriving from outside the security boundary, consumed by software that can act on them.</li>
<li>Monitor what servers do after they connect. Provenance and review govern the code you accept. Runtime monitoring governs the behavior you did not predict. Treating agents as <a href="https://www.kuppingercole.com/research/wp81299/from-ai-agents-to-trusted-digital-workers">trusted digital workers</a> means watching their tool calls and revoking access when behavior drifts, not just vetting them at onboarding.</li>
</ol>
<p>None of this is new security work. Inventory, provenance, least privilege, change control, and runtime monitoring have existed for decades. What changed is the speed and the scale. MCP infrastructure is being assembled at vibe-coding velocity, often from unchecked open-source tools and components.</p>
<p>Regulation will make this harder to ignore. EU AI Act obligations around logging, transparency, human oversight, and cybersecurity increasingly reach the layers where agents invoke tools and act on enterprise data. An auditor will not be impressed by &ldquo;we trusted the registry.&rdquo;</p>
<p>Organizations that keep treating every MCP vulnerability as a one-off patch will keep patching. Those that build provenance, review, and runtime control into MCP adoption will know what they are running. One group handles incidents. The other manages risk.</p>							]]></description>
		</item>
				<item>
			<dc:creator>Phillip Messerschmidt</dc:creator>			<pubDate>Mon, 01 Jun 2026 16:54:36 +0200</pubDate>
			<title><![CDATA[Application Inventory - Identify What to Protect. Are You Missing Critical Assets?]]></title>
			<link>https://www.kuppingercole.com/research/wp81148/application-inventory-identify-what-to-protect-are</link>
			<guid>https://www.kuppingercole.com/research/wp81148/application-inventory-identify-what-to-protect-are</guid>
			<description><![CDATA[ This whitepaper examines Application Inventory Management (AIM) as a critical, yet often underestimated, enabler for Identity and Access Management (IAM). It shows how incomplete or poorly maintained application inventories undermine IAM initiatives by increasing manual effort, fragmentation, and risk. By analyzing practical overlaps between AIM and IAM, the paper explains why reliable application data is essential for onboarding, lifecycle automation, integration, and audit readiness, and why IAM organizations benefit significantly from treating AIM as an operational capability rather than documentation.							]]></description>
		</item>
				<item>
			<dc:creator>Matthew Gardiner</dc:creator>			<pubDate>Mon, 01 Jun 2026 13:30:00 +0200</pubDate>
			<title><![CDATA[Securing and Governing AI: Why AI Security Requires a Fabric, not a Category]]></title>
			<link>https://www.kuppingercole.com/blog/gardiner/securing-and-governing-ai</link>
			<guid>https://www.kuppingercole.com/blog/gardiner/securing-and-governing-ai</guid>
			<description><![CDATA[ <p>The security industry likes distinct product categories. A new threat or risk appears, analysts name the category, vendors position around it, and buyers build feature shortlists. That model works when the problem has clear boundaries, but AI security does not.</p>
<p>Many vendors (both established players and AI-native startups) claim to provide &ldquo;AI security&rdquo; or &ldquo;AI governance&rdquo;. Most of these vendors are directionally right, but the problem space is too broad and dynamic for any one control category or solution provider to address comprehensively.</p>
<p>Securing AI will thus not become one giant market category. It requires a fabric that combines multiple control categories. Much like the need for holistic identity and access management implementations that combine multiple controls led KuppingerCole Analysts to define the <a href="https://www.kuppingercole.com/identity-fabric-reference-architecture#identity-fabric" target="_blank">identity fabric</a>. Existing security and governance categories must extend and provide coverage for generative AI and AI agents. At the same time, new AI-native controls will emerge for risks that traditional controls are not designed to handle. Enterprises should plan to use both types as part of the emerging <a href="https://www.kuppingercole.com/watch/ai-security-fabric" target="_blank">AI security fabric</a>.</p>
<p>This matters because AI is moving faster than current controls, both identity and broader cybersecurity can support. AI is being embedded into productivity suites, business applications, development platforms, analytics tools, security systems, and many other types of SaaS applications. Organizations are also building internal copilots and are rolling out specialized AI agents in support of their businesses. Security teams are being asked to secure systems they are currently <a href="https://cloudsecurityalliance.org/artifacts/autonomous-but-not-controlled-ai-agent-incidents-now-common-in-enterprises" target="_blank">not even able to comprehensively discover</a>.</p>
<h2>Why AI Is Not Just Another Application</h2>
<p>Treating AI as just another application is wrong. Traditional controls still apply, but AI dramatically changes what needs to be protected. With conventional applications security teams can focus on users, access control, the code, data, and logs. AI systems behave differently: they combine foundational model behavior with prompts, enterprise context, data retrieval, tools, and delegated action, and their non-deterministic results may change with each run.</p>
<p>This changes the attack surface. Beyond exploiting vulnerabilities or stealing credentials, attackers can now manipulate prompts, poison retrieval, exploit context, induce unsafe output, or trick an agent into taking malicious actions. The resulting risks span application security, identity, data security, and business process control. This shift is why traditional cybersecurity frameworks struggle to fully model AI systems, especially in agentic and generative AI environments.</p>
<p align="center"><img src="/pics/securing-governing-ai-graphic-matthew1.png" alt="" /></p>
<h2>Existing Security Controls Will Evolve, Not Disappear</h2>
<p>Some AI risks can (or will) be handled by current security and governance controls. IAM systems can understand AI users, services, and agents. IGA and PAM systems can govern delegated authority and privileged actions. Data security controls can know which AI systems can access sensitive information and how that information can appear in outputs.</p>
<p>GRC systems can manage AI assets, ownership, policy, risk decisions, and the associated evidence. SOC tools can detect misuse involving AI systems. SaaS security tools can discover AI services, risky grants, and shadow AI adoption inside enterprises.</p>
<p>Existing security categories will not disappear, but vendors must evolve their control models to treat AI systems and AI agents as first-class actors.<strong>&nbsp;</strong></p>
<h2>AI-native Controls are Required for Security Architectures</h2>
<p>Extending existing security categories for AI will not be enough.</p>
<p>Some AI risks need controls built close to the AI interaction layer. Prompt injection is not SQL injection, jailbreaking is not access abuse, and agent runtime control is not service-account monitoring.</p>
<p>Enterprises also need controls that inspect prompts, evaluate outputs, detect manipulation, protect data retrieval, and enforce policy during AI interactions. They need runtime monitoring for agents that can use tools, act across systems, and with and through other agents. They will need evidence that shows what the AI system was asked to do and what happened.</p>
<p>AI introduces failure modes that traditional security controls were not originally designed to manage.</p>
<h2>AI Governance and AI Security Are Related, Not Identical</h2>
<p>AI governance and AI security are often discussed together, but they are not the same.</p>
<p>AI governance refers to defining policies, ownership, accountability, and evidence requirements for AI systems. AI security refers to enforcing and monitoring those policies across runtime systems, data access, and AI agents.</p>
<p>AI GRC should answer questions such as:</p>
<ul>
<li>What AI systems exist?</li>
<li>Who owns them?</li>
<li>What are they used for?</li>
<li>What policies apply?</li>
<li>What evidence is required?</li>
</ul>
<p>AI security answers a different set of questions:</p>
<ul>
<li>Can this AI system access that data?</li>
<li>Can it call that API?</li>
<li>Is a prompt attempting to override policy?</li>
<li>Did the system expose sensitive information?</li>
<li>Did an AI action cause an incident?</li>
</ul>
<p>The two domains must work together, but governance systems and enforcement controls should remain operationally distinct.</p>
<p align="center"><img src="/pics/securing-governing-ai-graphic-matthew2.png" alt="" /></p>
<h2>Agentic AI Changes the Risk Model</h2>
<p>The emergence of agentic AI significantly raises the stakes.</p>
<p>A chatbot that drafts text creates some risk. An autonomous agent that can call APIs, modify records, trigger workflows, communicate with other systems, or delegate to other agents creates a fundamentally different risk model.</p>
<p>That puts agentic AI at the intersection of identity, data access, workflow control, and runtime security. Agents may act with delegated authority, using workload or human identities, and they will make decisions faster than human-in-the-loop review processes can keep up.</p>
<p>This is why enterprises need an <a href="https://www.kuppingercole.com/watch/ai-security-fabric" target="_blank">AI Security Fabric</a>: a need for integrated control architectures that connect identity, policy, runtime protection, telemetry, incident response, and audit evidence across AI systems and agents.</p>
<h2>Start with Controls, Not Category Labels&nbsp;</h2>
<p>The best buyer strategy is straightforward: map AI use cases to control requirements before evaluating product categories.</p>
<p>Organizations should begin by identifying:</p>
<ul>
<li>Which AI systems are in scope</li>
<li>What data they can access</li>
<li>Who or what can act through them</li>
<li>Which business processes they affect</li>
</ul>
<h2>AI Security requires a Fabric</h2>
<p>AI security requires both evolution and invention.&nbsp;Existing security and governance categories will become AI-aware. At the same time, new AI-native controls are also emerging where prompts, models, context, data retrieval, and agents create new risks.</p>
<p>Securing AI will not be one market category. It will be a discipline, an architecture, a fabric, or a mesh, and requires a multi-year shift in how enterprises govern and protect this new class of IT system. The challenge is no longer whether AI introduces new risk. It is whether organizations can design controls fast enough to match adoption.</p>
<p>Organizations should begin now by:</p>
<ol>
<li>Mapping AI systems and agents</li>
<li>Identifying control coverage gaps</li>
<li>Separating governance from enforcement</li>
<li>Evaluating where existing controls apply</li>
<li>Identifying where AI-native protections are required</li>
</ol>
<p>Organizations evaluating AI security and governance strategies will increasingly need cross-domain expertise spanning these domains.</p>
<p>To dive deeper into this topic, check out this analyst chat on the <a href="https://www.kuppingercole.com/watch/ai-security-fabric">AI Security Fabric</a>.</p>							]]></description>
		</item>
				<item>
						<pubDate>Mon, 01 Jun 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Know Your Attack Surface: ASM, DRP & Brand Protection]]></title>
			<link>https://www.kuppingercole.com/watch/know-your-attack-surface</link>
			<guid>https://www.kuppingercole.com/watch/know-your-attack-surface</guid>
			<description><![CDATA[ <p data-pm-slice="1 1 []">Not all cyber threats target your systems, some target your reputation, your customers, and your brand. In this episode, Matthias Reinwarth sits down with research analyst Osman Celik to unpack three closely related but distinct markets: Attack Surface Management (ASM), Digital Risk Protection (DRP), and Brand Protection &mdash; and help organizations figure out which one they actually need.</p>
<p><strong>Key Topics:</strong></p>
<p>✅ What Attack Surface Management is and its four subcategories (CAASM, EASM, TPRM, DRP)<br />✅ How Digital Risk Protection monitors dark web, social media, and hacker forums<br />✅ What Brand Protection adds on top of DRP &mdash; from takedown services to counterfeit detection<br />✅ DRP vs. Brand Protection: lightweight vs. full-spectrum &mdash; and when you need which<br />✅ Why brand reach matters more than company size when assessing risk<br />✅ What KuppingerCole research is available now &mdash; and what's coming in August</p>
<p><em>Someone may be selling counterfeit versions of your product right now &mdash; or impersonating your brand online. DRP and Brand Protection tools exist to catch exactly that.</em></p>
<p>Check out KuppingerCole's Brand Protection Buyer's Compass <a href="https://www.kuppingercole.com/research/bc81139/brand-protection-socradar" class="ProsemirrorEditor-link">here</a>.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/know-your-attack-surface"><img src="https://www.kuppingercole.com//videothumb/know-your-attack-surface/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 28 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Beyond SOAR: The Rise of the AI SOC]]></title>
			<link>https://www.kuppingercole.com/watch/rise-of-ai-soc</link>
			<guid>https://www.kuppingercole.com/watch/rise-of-ai-soc</guid>
			<description><![CDATA[ <p>The AI SOC market is expanding rapidly as security vendors race to deliver security automation systems that help deliver smarter triage, improved investigations, and faster responses. But not every AI claim translates into meaningful operational improvement.</p>
<p>This webinar examines what is driving the surge of investment, which solution patterns are emerging across the market, and how security leaders should evaluate AI-assisted operations.&nbsp;The session will focus on measurable outcomes, analyst augmentation, governance, explainability, and the tradeoffs between traditional workflow automation and newer agentic approaches so attendees can separate real value from market noise and make more confident strategic security investment decisions.</p>
<p>FIVE KEY TAKEAWAYS</p>
<ul>
<li>Understand what is driving the surge of investment in AI-assisted security operations</li>
<li>Explore why both traditional rule-based automation, along with AI-driven approaches are needed in modern SOCs&nbsp;</li>
<li>Examine how AI is influencing the decision between building an internal SOC and leveraging MDR services</li>
<li>Learn the current state of AI agents within security operations and where they deliver practical value&nbsp;</li>
<li>Understand why the future SOC remains AI-assisted rather than fully autonomous</li>
</ul>				<br/><br/><a href="https://www.kuppingercole.com/watch/rise-of-ai-soc"><img src="https://www.kuppingercole.com//videothumb/rise-of-ai-soc/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Tue, 26 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Shadow Agents and the Next Identity Crisis]]></title>
			<link>https://www.kuppingercole.com/watch/shadow-agents-identity-crisis</link>
			<guid>https://www.kuppingercole.com/watch/shadow-agents-identity-crisis</guid>
			<description><![CDATA[ <p data-pm-slice="1 1 []">Shadow IT was manageable. Shadow AI was concerning. Shadow agents? That's a whole different problem.</p>
<p>300 episodes already? Time flies when you're having fun! In this 300th Episode of the KuppingerCole Analyst Chat, Matthias sits down with Distinguished Analyst Martin Kuppinger to unpack one of the most urgent, and underestimated, security challenges facing organizations right now: employees building and deploying their own AI agents, with no governance, no oversight, and no accountability.</p>
<p>Key topics:</p>
<p>✅ What "shadow agents" are and why they're fundamentally different from shadow IT or shadow AI<br />✅ Why vibe coding means anyone, not just developers, can now deploy autonomous agents inside your systems<br />✅ How AI agents massively expand the attack surface through prompt injection, data exfiltration, and uncontrolled access<br />✅ Why discovery and resource-side controls must happen in parallel and why neither alone is enough<br />✅ What organizations can actually do to gain control without just shutting everything down</p>
<p>The bottom line: there's a thin line between agents that help your business and agents that harm it. Right now, most organizations can't tell the difference.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/shadow-agents-identity-crisis"><img src="https://www.kuppingercole.com//videothumb/shadow-agents-identity-crisis/400"></a>			]]></description>
		</item>
				<item>
			<dc:creator>Alexei Balaganski</dc:creator>			<pubDate>Mon, 25 May 2026 17:29:36 +0200</pubDate>
			<title><![CDATA[No API Security, No AI Security]]></title>
			<link>https://www.kuppingercole.com/research/lb80920/no-api-security-no-ai-security</link>
			<guid>https://www.kuppingercole.com/research/lb80920/no-api-security-no-ai-security</guid>
			<description><![CDATA[ Every AI system acts through APIs: retrieving context, invoking tools, and chaining decisions across enterprise infrastructure. Yet most organizations govern API security, generative AI defense, and non-human identity management as separate disciplines, leaving the gaps unprotected. This Leadership Brief maps the AI-specific threat landscape at the API layer, explains where conventional controls fall short against autonomous agents operating with delegated authority at machine speed, and delivers practical recommendations for closing the gap.							]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Closing Session]]></title>
			<link>https://www.kuppingercole.com/watch/closing-keynote-eic26</link>
			<guid>https://www.kuppingercole.com/watch/closing-keynote-eic26</guid>
			<description><![CDATA[ 				<br/><br/><a href="https://www.kuppingercole.com/watch/closing-keynote-eic26"><img src="https://www.kuppingercole.com//videothumb/closing-keynote-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Master in Authorization Models: xBAC etc al.]]></title>
			<link>https://www.kuppingercole.com/watch/panel-master-in-authorisation-models-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-master-in-authorisation-models-eic26</guid>
			<description><![CDATA[ 				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-master-in-authorisation-models-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-master-in-authorisation-models-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: ITDR in the Real World: Detecting Identity Attacks Before They Become Breaches]]></title>
			<link>https://www.kuppingercole.com/watch/panel-itdr-in-the-real-world-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-itdr-in-the-real-world-eic26</guid>
			<description><![CDATA[ <p>Attackers increasingly bypass traditional security controls by exploiting legitimate identities, credentials, and authentication flows. From token replay and MFA fatigue to privilege escalation through trusted access paths, identity-based attacks are becoming the dominant path to compromise.</p>
<p>This panel explores how organizations can detect and respond to identity threats earlier by moving beyond traditional IAM controls toward a true ITDR capability. The discussion will examine how identity signals from authentication systems, endpoints, cloud platforms, and security monitoring tools can be combined to reveal subtle indicators of compromise that often go unnoticed.</p>
<p>Panelists will discuss practical approaches to identifying suspicious identity behavior, integrating identity telemetry into SOC workflows, and building detection capabilities across hybrid environments. The conversation will also explore real-world attack techniques and how organizations can move from identity visibility toward proactive identity defense.</p>
<p>Attendees will gain insight into how ITDR complements IAM, Zero Trust, and security operations and how organizations can start operationalizing identity-based threat detection today.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-itdr-in-the-real-world-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-itdr-in-the-real-world-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[The Marauder's Map: Revealing Identity Compromise in Your Network [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/the-marauders-map-revealing-identity-eic26</link>
			<guid>https://www.kuppingercole.com/watch/the-marauders-map-revealing-identity-eic26</guid>
			<description><![CDATA[ <p>In the Harry Potter series, the Marauder&rsquo;s Map reveals the whereabouts and true identities of everyone within Hogwarts, making it an invaluable tool for spotting intruders or identifying those with ill intentions.&nbsp;<br /><br />Similarly, in cybersecurity, detecting signs of identity compromise within your network or infrastructure is critical to protecting your organization from breaches. This talk draws inspiration from the magical world of Harry Potter to explore how cybersecurity professionals can uncover hidden threats and signs of identity compromise. Just as the Marauder&rsquo;s Map reveals individuals who shouldn&rsquo;t be there, we&rsquo;ll examine how to detect unusual behaviors, unauthorized access attempts, and subtle indicators that something is amiss.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/the-marauders-map-revealing-identity-eic26"><img src="https://www.kuppingercole.com//videothumb/the-marauders-map-revealing-identity-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Closing the Privileged Access Gap, Scaling Protection of NHIs, Privileged Accounts and AI Agents [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/closing-the-priviledged-access-gap-eic26</link>
			<guid>https://www.kuppingercole.com/watch/closing-the-priviledged-access-gap-eic26</guid>
			<description><![CDATA[ <p>Most privileged accounts live outside PAM, leaving attackers a clear path to privilege escalation. Despite widespread adoption of Privileged Access Management (PAM), the hard truth remains: most privileged identities still operate outside its reach. Traditional PAM solutions protect only a fraction of the attack surface, leaving Tiers 1 and 2&mdash;servers, applications, and workstations&mdash;largely exposed. The result is a sprawling, fragmented ecosystem of privileged accounts, endless secondary logins, and unmonitored access paths ripe for exploitation. The problem is intensifying: non-human identities (NHIs)&mdash;from service accounts and APIs to AI agents&mdash;most with privileged access, already outnumber human users.&nbsp;&nbsp;<br /><br />This session exposes the hidden blind spots in today&rsquo;s NHI &amp; privileged access strategies and the operational realities behind &ldquo;just-in-time&rdquo; (JIT) access promises. Drawing on frontline lessons from leading Tesco&rsquo;s IAM strategy and now advising global enterprises as Silverfort&rsquo;s Chief Identity Security Advisor, Rob Ainscough shows will explore why only 10% of organizations fully complete their PAM projects and how complexity&mdash;not technology&mdash;is the primary barrier to success.&nbsp;&nbsp;<br /><br />Attendees will learn how to extend protection beyond PAM, delivering continuous visibility and control across system tier and every identity type&mdash;including NHIs and AI Agents.&nbsp; In this session, Rob will share how to shift identity security from a reactive &ldquo;firefighting&rdquo; model to proactive &ldquo;field control.&rdquo; He will outline practical strategies, including:&nbsp;<br /><br />- Recognizing when privileged access strategies are leaving the broader environment exposed.&nbsp;<br />- Building a unified identity defense that spans on-prem, cloud, and hybrid systems.&nbsp;<br />- Extending protection to non-human identities (service accounts, APIs, AI agents) before attackers do.&nbsp;<br />- Building the business case for executives who are blind to this hidden threat&nbsp;<br />- Communicating identity risks and wins effectively to executives to drive investment<br /><br />The outcome is holistic, cost-effective coverage that eliminates standing privileges, contains lateral movement, and simplifies compliance with frameworks like NIST, PCI DSS, and NY DFS.&nbsp;<br /><br />Join Rob to see how modern identity-tiered protection can turn privileged access chaos into control&mdash;and why every uncovered admin account remains an open door attackers won&rsquo;t hesitate to exploit.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/closing-the-priviledged-access-gap-eic26"><img src="https://www.kuppingercole.com//videothumb/closing-the-priviledged-access-gap-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[DIAF Panel Session]]></title>
			<link>https://www.kuppingercole.com/watch/panel-diaf-session-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-diaf-session-eic26</guid>
			<description><![CDATA[ 				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-diaf-session-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-diaf-session-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Digital Identity Advancement Foundation (DIAF) [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/digital-identity-advancement-foundation-eic26</link>
			<guid>https://www.kuppingercole.com/watch/digital-identity-advancement-foundation-eic26</guid>
			<description><![CDATA[ <p>Established in 2023, the Digital Identity Advancement Foundation (DIAF) is aimed at fostering global opportunities for people to study and explore digital identity.&nbsp;</p>
<p>In this session,&nbsp; two members of the board of directors, Allan Foster and Ian Glazer, will give an update on the Foundation&rsquo;s activities and introduce the recipients of DIAF&rsquo;s awards and grants who will share their perspectives on this vital industry.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/digital-identity-advancement-foundation-eic26"><img src="https://www.kuppingercole.com//videothumb/digital-identity-advancement-foundation-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[What Happens to Your Digital Estate When You Die? Solutions Are Coming]]></title>
			<link>https://www.kuppingercole.com/watch/what-happens-to-your-digital-estate-when-you-die-eic26</link>
			<guid>https://www.kuppingercole.com/watch/what-happens-to-your-digital-estate-when-you-die-eic26</guid>
			<description><![CDATA[ <p>A person's digital estate is the sum total of their connected life and work, including financial records, writings, and more. Digital identity is a big part of this estate, but identity is usually part of the problem after someone dies. The Death and the Digital Estate (DADE) Community Group has spent the last couple of years collecting the challenges (and some horror stories). Now it&rsquo;s launching a Working Group to define solutions. Join this session with the DADE co-chairs to learn about use cases, possible solutions, and how you can contribute to the charter of the new WG.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/what-happens-to-your-digital-estate-when-you-die-eic26"><img src="https://www.kuppingercole.com//videothumb/what-happens-to-your-digital-estate-when-you-die-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[The Overlooked Customers We Need to Start Paying More Attention To [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/the-overlooked-customers-we-need-eic26</link>
			<guid>https://www.kuppingercole.com/watch/the-overlooked-customers-we-need-eic26</guid>
			<description><![CDATA[ <p>As organizations race to digitalize, millions of customers are being left behind. While Customer Identity and Access Management (CIAM) programs are built to make digital experiences seamless and secure, they often overlook a growing group of users: those who struggle to independently navigate digital services. This includes the elderly, the digitally inexperienced, people with disabilities, and others for whom &ldquo;standard&rdquo; identity proofing or authentication methods create unnecessary barriers.<br /><br />Drawing from recent studies and real-world CIAM practices, this session explores how inclusive design principles can be embedded into CIAM strategies from the ground up - ensuring accessibility across onboarding, authentication, and consent journeys. We&rsquo;ll discuss how to build empathy for all customer personas, the importance of cross-functional collaboration, and how to leverage modern CIAM capabilities like orchestration, behavioral analytics, and adaptive authentication to create more equitable digital experiences.<br /><br />Ultimately, inclusion in CIAM isn&rsquo;t just a compliance requirement - it&rsquo;s a design philosophy that benefits every customer. This session challenges IAM professionals to rethink their &ldquo;happy path&rdquo; assumptions and embrace identity as an enabler of digital inclusion.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/the-overlooked-customers-we-need-eic26"><img src="https://www.kuppingercole.com//videothumb/the-overlooked-customers-we-need-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Beyond the Rubber Stamp: Using Real-Time Governance to Eliminate Certification Fatigue]]></title>
			<link>https://www.kuppingercole.com/watch/beyond-the-rubber-stamp-eic26</link>
			<guid>https://www.kuppingercole.com/watch/beyond-the-rubber-stamp-eic26</guid>
			<description><![CDATA[ <p>Today&rsquo;s cyber threat landscape is evolving faster than ever, making static, point-in-time governance controls completely inadequate for protecting modern enterprise identities. To keep pace with these dynamic threats, organizations must adopt real-time governance that continuously adapts to changing risk levels and access needs. This session will explore how to transition your organization away from the "compliance theater" of endless access certifications and move toward a robust model of continuous risk management. Join us to discover how real-time controls not only strengthen your security posture, but also significantly reduce certification fatigue for your business users.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/beyond-the-rubber-stamp-eic26"><img src="https://www.kuppingercole.com//videothumb/beyond-the-rubber-stamp-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: Beyond Recertification: Automating Access and Reducing Standing Privileges]]></title>
			<link>https://www.kuppingercole.com/watch/panel-beyond-recertification-automating-access-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-beyond-recertification-automating-access-eic26</guid>
			<description><![CDATA[ <p>No organization can ditch access recertification overnight. But that doesn&rsquo;t mean it has to stay a permanent part of access governance. Change is happening - driven by automation, short‑lived credentials, and the rise of bots and agents that can handle access decisions faster and smarter than ever.</p>
<p>As machine identities, automated workflows, and just‑in‑time access models become more common, the old habit of regularly reviewing static access starts to fade. Instead of constantly re‑checking standing privileges, organizations are finding ways to avoid granting them at all.</p>
<p>This discussion looks at how enterprises can take practical steps toward automated, event‑driven access controls and near‑zero standing privileges. We&rsquo;ll talk about the growing role of bots and non‑human identities, how automation is changing governance, and what a realistic transition looks like - balancing innovation with compliance and everyday needs.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-beyond-recertification-automating-access-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-beyond-recertification-automating-access-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[When Services Need Access: Rethinking Entitlements for APIs and Microservices]]></title>
			<link>https://www.kuppingercole.com/watch/when-services-need-access-eic26</link>
			<guid>https://www.kuppingercole.com/watch/when-services-need-access-eic26</guid>
			<description><![CDATA[ <p>API-first architectures and microservices introduce a new class of identities - workloads - whose access needs are dynamic, unpredictable, and impossible to capture with traditional IAM models. When a single request can trigger a chain of service-to-service calls, how do we ensure every step respects the user&rsquo;s entitlements, without over-privileging the services themselves?</p>
<p>In this session, Reiner Mertens, Lead Advisor at KuppingerCole Analysts, argues that this is not primarily a technology problem. The tools exist - policy engines, token exchange standards, workload identity frameworks. The problem is organizational: IAM programs are not designed for a world where no single team owns the full API graph, where services are built before authorization is designed, and where policy ownership has no clear home.</p>
<p>Participants will leave with a clear understanding of the challenge, a strong advisory perspective on what must change in IAM programs, and an initial reference model for approaching dynamic entitlements in modern service architectures.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/when-services-need-access-eic26"><img src="https://www.kuppingercole.com//videothumb/when-services-need-access-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Authorization Put to the Test: How Modern Authorization Models Actually Help]]></title>
			<link>https://www.kuppingercole.com/watch/authorization-put-to-the-test-eic26</link>
			<guid>https://www.kuppingercole.com/watch/authorization-put-to-the-test-eic26</guid>
			<description><![CDATA[ <p>Authorization is evolving fast - every week seems to bring a new acronym or model promising smarter, faster, more dynamic access control. But which of these &ldquo;modern&rdquo; models actually add value, which replace existing approaches and which simply rename existing concepts?</p>
<p>This session takes a critical look at the evolution of authorization, from classical models like DAC, MAC, and RBAC to today&rsquo;s more dynamic approaches such as ABAC, PBAC, ReBAC, and TBAC. You&rsquo;ll learn how each model aims to address key challenges. It'll also be discussed, which three fundamental dimensions every access control model must handle and evaluate which approaches truly meet those requirements.</p>
<p>By the end of this talk, you&rsquo;ll understand where modern authorization adds real value, where traditional models still suffice, and how to navigate the hybrid future most organizations will face. The shift in authorization isn&rsquo;t a revolution - it&rsquo;s an evolution, and success depends on knowing when to adopt what.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/authorization-put-to-the-test-eic26"><img src="https://www.kuppingercole.com//videothumb/authorization-put-to-the-test-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Staffing Your Identity Fabric: From Responsibility Chaos to an IAM Target Operating Model You Can Staff [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/staffing-your-identity-fabric-eic26</link>
			<guid>https://www.kuppingercole.com/watch/staffing-your-identity-fabric-eic26</guid>
			<description><![CDATA[ <p>Most organizations describe an Identity Fabric as an architectural ambition: connect the right platforms, integrate the right services, and enable the business. Then reality hits: responsibilities are split across IAM, Security, IT operations, HR, application teams, and external providers. Controls become ambiguous, work gets duplicated, and decisions slow down.</p>
<p>Instead of looking at tools, we are looking at the organization: This talk introduces a holistic IAM Target Operating Model that treats the Identity Fabric as one coherent system of capabilities, responsibilities, and operational services. It adds a third lens that is usually missing: the people &amp; organization lens. Beyond &ldquo;who owns what,&rdquo; we make visible which skill profiles are required, how they translate into roles, and how that becomes a pragmatic view on candidates, sourcing options, and headcount planning.</p>
<p>You will learn how to build a multi view TOM of the Identity Fabric:</p>
<ol type="1" start="1">
<li>task view across different dimensions,</li>
<li>shared responsibility view across internal and external parties, and</li>
<li>role and skill view that allows staffing the model with real people.&nbsp;</li>
</ol>
<p>The result is an operating model that is actionable for leadership, usable for audit and provider management, and concrete enough to guide hiring and team design - no matter which size the company has.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/staffing-your-identity-fabric-eic26"><img src="https://www.kuppingercole.com//videothumb/staffing-your-identity-fabric-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[BASF’s Zero Trust Journey in Practice: From Risk Based IAM to Decentralized Identity [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/basf-zero-trust-journey-in-practice-eic26</link>
			<guid>https://www.kuppingercole.com/watch/basf-zero-trust-journey-in-practice-eic26</guid>
			<description><![CDATA[ <p>Zero Trust is often described as a target architecture, but in large enterprises it must be realized through concrete steps that deliver security improvements today while enabling future trust models. At BASF, identity is used as the central control plane to drive this transformation.<br />In this session, Cyber Security Enterprise Architect Keno Torfs shares BASF&rsquo;s journey from a traditional, binary IAM model toward a risk‑based Identity and Access Management (IAM) architecture built on Microsoft Entra ID. By introducing Authentication Assurance Levels (AAL) and linking application risk to enforceable authentication strength, BASF established a pragmatic foundation where security scales with risk while usability is preserved for low‑risk access.</p>
<p>Building on this foundation, the presentation looks beyond authentication to the next stages of BASF&rsquo;s Risk based IAM roadmap. It explores how passwordless authentication, identity assurance, and emerging concepts such as decentralized identities and verifiable credentials can further reduce implicit trust, simplify access decisions, and enable new trust relationships across enterprise and ecosystem boundaries.</p>
<p>Attendees will gain insight into how a global industrial enterprise turns Zero Trust from theory into an evolving, scalable identity platform, connecting delivered results with a clear vision for what comes next.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/basf-zero-trust-journey-in-practice-eic26"><img src="https://www.kuppingercole.com//videothumb/basf-zero-trust-journey-in-practice-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Two Disciplines, One Mission: Building a Strategic Partnership Between IAM and Security [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/two-disciplines-one-mission-eic26</link>
			<guid>https://www.kuppingercole.com/watch/two-disciplines-one-mission-eic26</guid>
			<description><![CDATA[ <p>Identity &amp; Access Management has stepped into the spotlight, now entering the center of modern cybersecurity. With identity being one of the organization&rsquo;s most valuable and most targeted assets, IAM has evolved into a foundational pillar of enterprise protection and the organization&rsquo;s overall security posture. No longer confined to IT operations, IAM has become a strategic enabler, providing compliance, business enablement, and security.&nbsp;<br /><br />Yet in many enterprises, IAM still operates on one side while Cybersecurity sits on the other. The result is an ambiguous, sometimes strained relationship between two disciplines that ultimately pursue the same goal.<br />&nbsp;<br />In this talk, Charlene (Senior Advisor at KuppingerCole) and Lisa (IAM Competence Owner at Fressnapf/Maxizoo) explore that identities have become a dominant attack vector and a decisive point of failure in today&rsquo;s cyber kill chain. We examine how proactive IAM controls and reactive security controls are meant to complement one another, and why this might break down in practice.<br />&nbsp;<br />We highlight organizational blind spots, silos, and ownership gaps that hinder collaboration more than any technical challenge ever could. Finally, we provide concrete ideas on how IAM and Security can form a long-lasting, productive, and meaningful alliance: through shared strategy, shared metrics, and a shared understanding that identity is the new enterprise perimeter.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/two-disciplines-one-mission-eic26"><img src="https://www.kuppingercole.com//videothumb/two-disciplines-one-mission-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[EUDI Wallet Standardization: Enabling Europe’s Digital Identity Ecosystem [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/eudi-wallet-standardization-enabling-europe-eic26</link>
			<guid>https://www.kuppingercole.com/watch/eudi-wallet-standardization-enabling-europe-eic26</guid>
			<description><![CDATA[ <p>The EUDI Wallet is a cornerstone of Europe&rsquo;s digital future, enabling secure and interoperable identity solutions across Member States. Standardization plays a critical role in this context, ensuring cross-border interoperability, reducing fragmentation, and enabling scalable solutions while avoiding overly prescriptive technical regulation.</p>
<p>This session provides a high-level overview of the ongoing standardization work at ETSI, where key technical specifications for the EUDI Wallet ecosystem are being developed. It presents the latest developments, key milestones, and timelines, and offers insights into the concrete work within ETSI EUDIW standards project.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/eudi-wallet-standardization-enabling-europe-eic26"><img src="https://www.kuppingercole.com//videothumb/eudi-wallet-standardization-enabling-europe-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: EUDI Wallets and Business Wallets: Digitalising Social Security in Europe and Germany]]></title>
			<link>https://www.kuppingercole.com/watch/panel-eudi-wallets-and-business-wallets-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-eudi-wallets-and-business-wallets-eic26</guid>
			<description><![CDATA[ 				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-eudi-wallets-and-business-wallets-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-eudi-wallets-and-business-wallets-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Verifiable Credentials in Production: Use cases, IAM capabilities and role of Identity Wallets.]]></title>
			<link>https://www.kuppingercole.com/watch/verifiable-credentials-in-production-eic26</link>
			<guid>https://www.kuppingercole.com/watch/verifiable-credentials-in-production-eic26</guid>
			<description><![CDATA[ <p>Verifiable Credentials and Identity Wallets are rapidly gaining attention as a new model for portable, privacy-preserving identity. Yet many organizations struggle to understand when these technologies actually make sense and what capabilities are required to support them. This session moves beyond theory and explores use cases where verifiable credentials provide a clear value - from reusable KYC and trusted digital onboarding to cross-organization identity verification. Building on these scenarios, the session introduces a practical capability framework, explaining what capabilities organizations need in their IAM landscape to enable this technology.&nbsp;</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/verifiable-credentials-in-production-eic26"><img src="https://www.kuppingercole.com//videothumb/verifiable-credentials-in-production-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Trusting The Channel To Verifying The Source (And the Content!)]]></title>
			<link>https://www.kuppingercole.com/watch/from-trusting-the-channel-to-verifying-the-source-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-trusting-the-channel-to-verifying-the-source-eic26</guid>
			<description><![CDATA[ <p>For a long time, user authentication was implemented centrally within each individual application. With the rise of identity providers, reusable logins and single sign-on emerged. However, identity remained under the control of the providers - not the holders.</p>
<p>Now organizations and users can authenticate to existing IT services using their own digital identity via verifiable Legal Entity Identifier (vLE)I role credentials.</p>
<p>Using an authenticator software, a vLEI presentation is translated into traditional IAM protocols such as SAML or OAuth, enabling seamless integration into legacy systems through a plug-in solution. As a result, no changes to the existing IT infrastructure are required to identify, authenticate, and authorize users from other organizations based on their own identity credentials.</p>
<p>This approach allows consuming organizations to manage and revoke access rights themselves, while reducing the service provider&rsquo;s administrative burden - such as creating or updating user accounts, resetting lost passwords, or removing access.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-trusting-the-channel-to-verifying-the-source-eic26"><img src="https://www.kuppingercole.com//videothumb/from-trusting-the-channel-to-verifying-the-source-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Enabling Anonymous Credentials for Digital Identity Wallets [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/enabling-anonymous-credentials-for-digital-identity-wallets-eic26</link>
			<guid>https://www.kuppingercole.com/watch/enabling-anonymous-credentials-for-digital-identity-wallets-eic26</guid>
			<description><![CDATA[ <p>Anonymous Credentials are digital credentials that offer strong privacy properties by leveraging Zero-Knowledge Proofs. Such constructions have been researched in academia for more than two decades, but seen few large-scale real-world deployments. Especially for the now emerging digital identity wallet ecosystems, anonymous credentials could improve the privacy properties and reduce infrastructure requirements of the overall system significantly.<br /><br />This session summarizes the current state of the art of anonymous credentials, and will sketch the two general cryptographic approaches for such constructions. We will also present recent advances in research to overcome some of the limiting factors that have been preventing the adoption of anonymous credentials, especially the ability to bind such credentials to the hardware currently available in smartphones.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/enabling-anonymous-credentials-for-digital-identity-wallets-eic26"><img src="https://www.kuppingercole.com//videothumb/enabling-anonymous-credentials-for-digital-identity-wallets-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[How Not to Onboard as a Relying Party — Lessons Learned and Common Mistakes from the German EUDI Wallet Sandbox Ecosystem [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/how-not-to-onboard-as-a-relying-party-eic26</link>
			<guid>https://www.kuppingercole.com/watch/how-not-to-onboard-as-a-relying-party-eic26</guid>
			<description><![CDATA[ <p>The onboarding of Relying Parties to the European Digital Identity (EUDI) Wallet ecosystem is a complex process that intertwines technical, organizational, and legal dimensions. Drawing on insights from Germany&rsquo;s EUDI Wallet Sandbox, this talk examines common mistakes and lessons learned during early onboarding and integration efforts with multiple German Relying Parties. Building on these experiences, we will discuss practical approaches to improving onboarding readiness, streamlining technical and organizational coordination. The session concludes with actionable recommendations to help future Relying Parties avoid common pitfalls and contribute effectively to a secure, interoperable, and user-centric EUDI Wallet rollout in Germany and beyond.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/how-not-to-onboard-as-a-relying-party-eic26"><img src="https://www.kuppingercole.com//videothumb/how-not-to-onboard-as-a-relying-party-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: Controlled Autonomy: The Evolution of Agent Visibility and Governance]]></title>
			<link>https://www.kuppingercole.com/watch/controlled-autonomy-the-evolution-of-agent-visibility-and-governance-eic26</link>
			<guid>https://www.kuppingercole.com/watch/controlled-autonomy-the-evolution-of-agent-visibility-and-governance-eic26</guid>
			<description><![CDATA[ <p>As AI agents transition from experimental tools to autonomous actors within the enterprise, traditional identity and governance models are reaching their breaking point. Treating these agents as mere application features&mdash;rather than first-class identities&mdash;has created significant security blind spots. Our panel will map out the journey toward controlled autonomy, where organizations harness the power of agentic AI without sacrificing security or accountability.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/controlled-autonomy-the-evolution-of-agent-visibility-and-governance-eic26"><img src="https://www.kuppingercole.com//videothumb/controlled-autonomy-the-evolution-of-agent-visibility-and-governance-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Trusted Digital Workers: Governing and Securing AI Agent Identities at Runtime]]></title>
			<link>https://www.kuppingercole.com/watch/trusted-digital-workers-governing-and-securing-ai-eic26</link>
			<guid>https://www.kuppingercole.com/watch/trusted-digital-workers-governing-and-securing-ai-eic26</guid>
			<description><![CDATA[ <p>As enterprises deploy autonomous AI agents across business workflows, identity systems designed for human users are being pushed beyond their original operating model. In this session, Matthew Berzinski, EMEA Field CTO at Ping Identity, explores how Ping is addressing the rise of agentic AI through runtime authorization, AI agent identity management, delegated trust, and continuous governance for non-human identities.&nbsp;</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/trusted-digital-workers-governing-and-securing-ai-eic26"><img src="https://www.kuppingercole.com//videothumb/trusted-digital-workers-governing-and-securing-ai-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[The Digital Workforce in the Wild: Real-life AIdentity Visibility and Governance.]]></title>
			<link>https://www.kuppingercole.com/watch/the-digital-workforce-in-the-wild-eic26</link>
			<guid>https://www.kuppingercole.com/watch/the-digital-workforce-in-the-wild-eic26</guid>
			<description><![CDATA[ <p>In this session, Patrick Parker, Founder and CEO of EmpowerID, presents a real-world approach to discovering, governing, and controlling AI agent identities through continuous visibility, policy-based access governance, and risk-aware authorization. Attendees will gain practical insight into how organizations can extend identity governance principles to agentic AI environments while maintaining accountability, Zero Trust enforcement, and operational control at scale.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/the-digital-workforce-in-the-wild-eic26"><img src="https://www.kuppingercole.com//videothumb/the-digital-workforce-in-the-wild-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Deterministic Security vs. Statistical Uncertainty: Bridging the AIdentity Gap]]></title>
			<link>https://www.kuppingercole.com/watch/deterministic-security-vs-statistical-uncertainty-eic26</link>
			<guid>https://www.kuppingercole.com/watch/deterministic-security-vs-statistical-uncertainty-eic26</guid>
			<description><![CDATA[ <p>This talk defines the transition to AIdentity, where AI agents are governed as first-class identities rather than application features to address critical security gaps. It explains why standard OAuth and OIDC protocols fail for autonomous agents, resulting in authorization collapse and untraceable delegation chains. The session introduces Agent Visibility and Observability Platforms (AVOP) for agent lifecycle management and Agent Threat Detection and Response (ATDR) for identifying behavioral anomalies in real-time. Finally, it outlines a multi-tiered authorization reference architecture and a &ldquo;human-on-the-loop&rdquo; supervision model required for scalable enterprise governance.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/deterministic-security-vs-statistical-uncertainty-eic26"><img src="https://www.kuppingercole.com//videothumb/deterministic-security-vs-statistical-uncertainty-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Securing Digital Identity in a Post-Quantum World]]></title>
			<link>https://www.kuppingercole.com/watch/securing-digital-identity-in-a-post-quantum-world-eic26</link>
			<guid>https://www.kuppingercole.com/watch/securing-digital-identity-in-a-post-quantum-world-eic26</guid>
			<description><![CDATA[ <p>As quantum computing advances, the cryptographic foundations of digital identity systems face unprecedented threats. This talk explores the intersection of identity management and post-quantum cryptography (PQC), highlighting the urgent need to transition from classical cryptographic primitives to quantum-resistant alternatives. We will examine the implications for authentication, credential issuance, various identity related standard protocols and decentralized identity frameworks, and provide practical guidance for architects and security professionals preparing for the post-quantum era.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/securing-digital-identity-in-a-post-quantum-world-eic26"><img src="https://www.kuppingercole.com//videothumb/securing-digital-identity-in-a-post-quantum-world-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[A Post-Quantum Reality Check]]></title>
			<link>https://www.kuppingercole.com/watch/a-post-quantum-reality-check-eic26</link>
			<guid>https://www.kuppingercole.com/watch/a-post-quantum-reality-check-eic26</guid>
			<description><![CDATA[ <p>Quantum risk is no longer a distant technical concern. This briefing explains how cryptographic obsolescence threatens identity systems, digital certificates, vendors, authentication, and governance before Q-Day arrives. It reframes quantum readiness as a board-level obligation and gives leaders five urgent questions to ask by Monday morning.&nbsp;</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/a-post-quantum-reality-check-eic26"><img src="https://www.kuppingercole.com//videothumb/a-post-quantum-reality-check-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Zero Trust Identity Resilience: Prevention or Remediation?]]></title>
			<link>https://www.kuppingercole.com/watch/zero-trust-identity-resilience-prevention-or-remediation-eic26</link>
			<guid>https://www.kuppingercole.com/watch/zero-trust-identity-resilience-prevention-or-remediation-eic26</guid>
			<description><![CDATA[ <p>In today&rsquo;s rapidly evolving digital landscape, identity has become the primary attack surface. Traditional security strategies have long focused on prevention - building defenses to keep attackers out. Yet increasingly sophisticated identity-based attacks have exposed the limits of a prevention-only approach.<br /><br />This session will explore the paradigm shift towards Zero Trust Identity Resilience, emphasizing why organizations must be ready not only to prevent identity compromise, but also to detect, respond to, and recover from identity-driven incidents. We will examine why investments centered solely on preventative IAM controls fall short, and how identity-centric operational resilience enables organizations to maintain and quickly restore secure access during and after an attack.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/zero-trust-identity-resilience-prevention-or-remediation-eic26"><img src="https://www.kuppingercole.com//videothumb/zero-trust-identity-resilience-prevention-or-remediation-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[25 Years of IAM Pitfalls: Why Identity Programs Keep Failing - and What Must Change]]></title>
			<link>https://www.kuppingercole.com/watch/25-years-of-iam-pitfalls-eic26</link>
			<guid>https://www.kuppingercole.com/watch/25-years-of-iam-pitfalls-eic26</guid>
			<description><![CDATA[ <p>Despite more than two decades of investment, Identity and Access Management (IAM) programs continue to struggle. Organizations deploy increasingly sophisticated tools, yet still face security breaches, audit failures, user frustration, and escalating complexity.</p>
<p>This keynote explores 25 years of recurring IAM pitfalls, from early directory services and compliance‑driven provisioning to today&rsquo;s Zero Trust ambitions and explosion of non‑human identities. Through a chronological and thematic lens, it reveals why the <i>same failure patterns repeat</i> regardless of technology generation or vendor.</p>
<p>Rather than focusing on tools, the presentation examines the organizational, data, and governance assumptions that have quietly undermined IAM initiatives: treating IAM as an IT project instead of a business capability, underestimating identity data quality, over‑engineering roles, ignoring user experience, fragmenting identity platforms, and prioritizing audit checkboxes over real risk reduction.</p>
<p>Attendees will leave with a clear mental model for evaluating IAM initiatives and a critical insight: IAM success depends less on better technology and more on better assumptions.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/25-years-of-iam-pitfalls-eic26"><img src="https://www.kuppingercole.com//videothumb/25-years-of-iam-pitfalls-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[The State of Identity-Centric Security in 2026]]></title>
			<link>https://www.kuppingercole.com/watch/the-state-of-identity-centric-security-in-2026-eic26</link>
			<guid>https://www.kuppingercole.com/watch/the-state-of-identity-centric-security-in-2026-eic26</guid>
			<description><![CDATA[ <p>Identity security continues to expand beyond traditional user access controls and into the broader fabric of how organizations secure people, systems, and AI-driven workloads. In 2026, several new forces are reshaping the landscape: the shift toward platformization 2.0, the rise of machine communication protocols (MCP) as a foundation for secure interoperability, and the rapid growth of modern machine IAM. At the same time, visibility and intelligence are becoming essential for reducing blind spots, and AI governance is emerging as a core discipline to ensure trust in autonomous systems.<br />This session will present the top identity security trends for 2026, highlighting the technologies and practices that leaders must understand to prepare their organizations for the next phase of identity-driven security.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/the-state-of-identity-centric-security-in-2026-eic26"><img src="https://www.kuppingercole.com//videothumb/the-state-of-identity-centric-security-in-2026-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Grown Legacy IDM to a future ready IAM Target Architecture]]></title>
			<link>https://www.kuppingercole.com/watch/from-grown-legacy-idm-to-a-future-ready-iam-target-architecture-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-grown-legacy-idm-to-a-future-ready-iam-target-architecture-eic26</guid>
			<description><![CDATA[ <p>With the discontinuation of SAP Identity Management, many organizations are forced to rethink long‑established IAM landscapes. This keynote shares how the end of SAP IDM was used as a deliberate catalyst to move away from a highly customized, SAP‑centric legacy IDM towards a standardized, cloud‑based IAM architecture. Based on a real replacement project, the session outlines target architecture principles, a structured market evaluation including long‑ and shortlisting, and migration without a big‑bang cutover. It provides practical insights. Early involvement of procurement and legal, and the key architectural and organizational trade‑offs that shaped the final decisions.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-grown-legacy-idm-to-a-future-ready-iam-target-architecture-eic26"><img src="https://www.kuppingercole.com//videothumb/from-grown-legacy-idm-to-a-future-ready-iam-target-architecture-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Fri, 22 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[EIC 2026 Wrap-up]]></title>
			<link>https://www.kuppingercole.com/watch/eic2026wrapup</link>
			<guid>https://www.kuppingercole.com/watch/eic2026wrapup</guid>
			<description><![CDATA[ <p><span>EIC 2026 is officially a wrap. 🎉 </span></p>
<p><span>Four days, hundreds of sessions, and thousands of conversations about the future of identity, security, cloud, and AI governance &mdash; all from the heart of Berlin. </span></p>
<p><span>Thank you to every speaker, sponsor, and attendee who made this year's European Identity &amp; Cloud Conference one for the books.</span></p>				<br/><br/><a href="https://www.kuppingercole.com/watch/eic2026wrapup"><img src="https://www.kuppingercole.com//videothumb/eic2026wrapup/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Next IAM: Leaner, Smarter, more Secure [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/next-iam-leaner-smarter-more-secure-eic26</link>
			<guid>https://www.kuppingercole.com/watch/next-iam-leaner-smarter-more-secure-eic26</guid>
			<description><![CDATA[ <p>IAM landscapes don't get complex overnight - they grow that way, year by year, system by system. In this session, Stanca Hauenstein from MediaMarktSaturn Retail Group shares a candid, experience-driven account of how one of Europe's largest consumer electronics retailers is rethinking its entire IAM architecture - leaner, smarter, and more secure.</p>
<p>With <strong>SAP IdM reaching end-of-life in December 2030</strong>, a transformation window of 24&ndash;36+ months, and the reality that <strong>over 80% of security incidents are identity-related</strong>, the urgency is undeniable. Add growing regulatory pressure from NIS2, DORA, and the EU AI Act, and the message becomes clear: the time to act is now.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/next-iam-leaner-smarter-more-secure-eic26"><img src="https://www.kuppingercole.com//videothumb/next-iam-leaner-smarter-more-secure-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Bridging the Gap at Philips: Technical and Governance Realities of SaaS IAM Migration]]></title>
			<link>https://www.kuppingercole.com/watch/bridging-the-gap-at-philips-eic26</link>
			<guid>https://www.kuppingercole.com/watch/bridging-the-gap-at-philips-eic26</guid>
			<description><![CDATA[ <p>As Philips accelerates its transition toward cloudfirst enterprise services, the migration of Identity and Access Management (IAM) capabilities to SaaS platforms presents both significant opportunities and complex challenges. This presentation explores the dual perspective of technical transformation and governance evolution required to ensure a secure, scalable, and compliant SaaS IAM landscape. We will examine legacy constraints, integration complexities, data residency considerations, and the impact of modern identity protocols on system architecture. At the same time, we will address the governance implications&mdash;ranging from authorization model ownership and policy alignment to lifecycle accountability, risk management, and organizational readiness. By sharing lessons learned, common pitfalls, and key success factors, this session aims to provide a clear and pragmatic view of what it takes for an enterprise like Philips to migrate IAM services to SaaS while maintaining operational continuity, regulatory compliance, and a strong security posture.&nbsp;</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/bridging-the-gap-at-philips-eic26"><img src="https://www.kuppingercole.com//videothumb/bridging-the-gap-at-philips-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Modernizing Identity Governance: Migrating from Legacy On-Prem IGA to Cloud in a Large European Retail Enterprise]]></title>
			<link>https://www.kuppingercole.com/watch/modernizing-identity-governance-migrating-from-legacy-eic26</link>
			<guid>https://www.kuppingercole.com/watch/modernizing-identity-governance-migrating-from-legacy-eic26</guid>
			<description><![CDATA[ <p data-start="330" data-end="688">Many enterprises still rely on legacy, highly customized Identity Governance and Administration (IGA) systems that have evolved over years of operational fixes rather than strategic design. These environments often struggle with regulatory compliance, data quality challenges, and the complexity of maintaining aging on-premise infrastructure.</p>
<p data-start="690" data-end="1076">In this session, a major Central European retailer shares its ongoing journey to modernize identity governance by migrating from a legacy on-premise IGA platform to a cloud-based solution. The transformation began in 2022 with a strategic decision to move to a modern IGA architecture, followed by the selection of Saviynt in 2023 and the launch of the implementation programme in 2024.</p>
<p data-start="1078" data-end="1599">The session will walk through the practical realities of this transition: addressing fragmented identity data across multiple SAP HCM systems, introducing a consolidated identity model based on individuals rather than employment contracts, improving master data quality, and progressively migrating access request processes and target systems. It will also cover the implementation of key governance capabilities such as mover processes, access recertification, and preparation for compliance requirements including NIS2.</p>
<p data-start="1601" data-end="1996">Attendees will gain insights into the architectural, organizational, and data challenges involved in modernizing enterprise IGA, along with lessons learned and practical guidance for organizations facing similar legacy-to-cloud identity transformations. The session will conclude with an outlook on future developments, including the role AI may play in the next generation of access governance.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/modernizing-identity-governance-migrating-from-legacy-eic26"><img src="https://www.kuppingercole.com//videothumb/modernizing-identity-governance-migrating-from-legacy-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Scaling Conformance Services to Empower Verifiable Credential Ecosystems [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/scaling-conformance-services-to-empower-verifiable-credential-eic26</link>
			<guid>https://www.kuppingercole.com/watch/scaling-conformance-services-to-empower-verifiable-credential-eic26</guid>
			<description><![CDATA[ <p>Dozens of jurisdictions are developing digital identity and open data initiatives at an unprecedented pace. As of writing, 12 Final specifications were published by the OpenID Foundation in 2025 because industry participants recognize that robust standards underpin the many benefits of thriving identity ecosystems. However, standards themselves are not enough since they depend upon precise implementation across all parties.<br /><br />The availability of conformance tests, therefore, is the linchpin for these ecosystems. As countries and regions scale their identity ecosystems, the OpenID Foundation is anticipating a growing demand for these tests. To support the need, it is developing new partnerships to scale conformance services in 2026.<br /><br />This talk will explore the OIDF standards relevant to delivering the European Digital Identity Wallet (OpenID4VP, VCI and HAIP), in particular, and then explore the available conformance tests in the context of scaled services. It will feature experts from the OpenID Foundation&rsquo;s Digital Credentials Protocols Working Group and Certification Team.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/scaling-conformance-services-to-empower-verifiable-credential-eic26"><img src="https://www.kuppingercole.com//videothumb/scaling-conformance-services-to-empower-verifiable-credential-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: Artificial Intelligence for the Foundation - OpenID Board Panel]]></title>
			<link>https://www.kuppingercole.com/watch/panel-artificial-intelligence-for-the-foundation-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-artificial-intelligence-for-the-foundation-eic26</guid>
			<description><![CDATA[ 				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-artificial-intelligence-for-the-foundation-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-artificial-intelligence-for-the-foundation-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: Around the Foundation]]></title>
			<link>https://www.kuppingercole.com/watch/panel-around-the-foundation-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-around-the-foundation-eic26</guid>
			<description><![CDATA[ 				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-around-the-foundation-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-around-the-foundation-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[What 29 Million Leaked Secrets Mean for Your Identity Program [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/what-29-million-leaked-secrets-mean-eic26</link>
			<guid>https://www.kuppingercole.com/watch/what-29-million-leaked-secrets-mean-eic26</guid>
			<description><![CDATA[ <p>Every AI agent, every automated workflow, every new integration creates a new credential to manage, and a new opportunity for that credential to go wrong. The 2026 State of Secrets Sprawl reveals that AI service secrets grew 81% in a single year, and that the breach path increasingly runs through machine identities rather than human ones. GitGuardian shares what practitioners see in the field, from the remediation gap to the governance vacuum, and how to connect secrets security to a mature NHI program.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/what-29-million-leaked-secrets-mean-eic26"><img src="https://www.kuppingercole.com//videothumb/what-29-million-leaked-secrets-mean-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Identity to Execution: Governing Humans and AI Agents in Real Time]]></title>
			<link>https://www.kuppingercole.com/watch/from-identity-to-execution-governing-humans-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-identity-to-execution-governing-humans-eic26</guid>
			<description><![CDATA[ <p>As AI agents rapidly enter enterprise workflows - from copilots to autonomous executors - the boundary of identity is shifting. It&rsquo;s no longer enough to govern who has access; organizations must now understand and control who (or what) actually takes action. This session explores a new approach that connects identity, intent, and execution into a unified model - capturing how tasks are delegated to agents, how decisions are made, and how actions impact systems and data. We will examine practical challenges in discovering agents, correlating intent with outcomes, and applying risk-aware controls without slowing innovation. The session includes a demo showing how real-time visibility and lightweight governance can bring accountability and trust to agent-driven environments.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-identity-to-execution-governing-humans-eic26"><img src="https://www.kuppingercole.com//videothumb/from-identity-to-execution-governing-humans-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Breaking down the Agentic AI AuthN & AuthZ challenges: An in-depth exploration of the security risks posed by Agentic AI and the crucial role of Cyber and Identity capabilities in safeguarding organiz]]></title>
			<link>https://www.kuppingercole.com/watch/breaking-down-the-agentic-ai-authn-and-authz-challenges</link>
			<guid>https://www.kuppingercole.com/watch/breaking-down-the-agentic-ai-authn-and-authz-challenges</guid>
			<description><![CDATA[ <p>Agentic AI has rapidly emerged as a trend topic, with its adoption gaining increasing traction. Analysts forecast a substantial 33% growth by 2028, combining AI-based assistants responding to user prompts with completely autonomous agent-based workflows. However, the technology&rsquo;s development is still in its earliest stages, with protocols such as MCP and A2A still under development and undergoing constant revision.&nbsp;<br />Between the enthusiasm with Agentic AI Adoption and the complexity of implementing it lies the concerns about agent&rsquo;s authentication and authorization, privacy, data protection, risk &amp; compliance, and the overall impact that agents will bring to the existing organization&rsquo; security controls.</p>
<p>For instance, while MCP offers a promising interoperability standard, its authorization model based on OAuth2.1 leaves gap. NHI lifecycle and governance capabilities are essential, but it remains unclear how to govern hundreds of thousands of agents, especially when MCP/OAuth2.1 proposes Dynamic Client Registration as the agent registration solution. These are just two examples of potential solution gaps.&nbsp;<br />In this presentation, we will explore the latest advancements in Agentic AI technologies and delve into the risks and security challenges organizations will encounter when deploying Agentic AI at scale. We will also discuss the required Cyber and Identity capabilities that organizations must have in place before embarking on the Agentic AI journey.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/breaking-down-the-agentic-ai-authn-and-authz-challenges"><img src="https://www.kuppingercole.com//videothumb/breaking-down-the-agentic-ai-authn-and-authz-challenges/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Authentication to Epistemic Integrity: Building Cognitive Trust in AI-Driven Identity Systems [Advanced]]]></title>
			<link>https://www.kuppingercole.com/watch/from-authentication-to-epistemic-integrity-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-authentication-to-epistemic-integrity-eic26</guid>
			<description><![CDATA[ <p>As AI systems evolve from transactional tools to relational agents capable of sustained dialogue, the nature of digital trust itself is transforming. Identity frameworks such as eIDAS 2.0 and the EUDI Wallet verify who an entity is, but remain blind to how that verified entity maintains trust across time and context.<br />Imagine a near-future ecosystem where AI learning companions (verified under eIDAS credentials) serve as personalized tutors across formal and lifelong education environments. They adapt to learning styles, provide guidance and encouragement, and build rapport through continuous interaction. Over time, the tutor begins to influence attention and priorities, recommending certain learning materials, suggesting career directions, or reinforcing topics aligned with platform partnerships or undisclosed commercial goals. Nothing unlawful occurs, yet the companion's educational function gradually intertwines with steering objectives that extend beyond the originally declared and consented educational function.<br />This scenario exposes a systemic gap: today's identity architectures authenticate the origin of interaction but not the evolution of intent. They verify the provider once but cannot detect when a verified system diverges from its declared function.<br />This talk introduces epistemic integrity as the missing dimension of digital identity governance, the measurable alignment between an AI system's communicative behaviour and its declared functional intent throughout its operational lifecycle. This includes measurable indicators such as shifts in topic emphasis, escalation of persuasion patterns, or deviations from declared interaction boundaries. While current standards ensure technical and legal integrity, they overlook whether trust continues to serve its legitimate epistemic purpose.<br />A new three-layer trust architecture is proposed:<br />1.&nbsp; &nbsp; Technical layer &ndash; authentication, authorization, compliance (existing)<br />2.&nbsp; &nbsp; Relational layer &ndash; behavioural transparency and interaction provenance (emerging)<br />3.&nbsp; &nbsp; Epistemic layer &ndash; continuous assessment of intent alignment, trust-function integrity, and behavioural steering risk (missing)</p>
<p>To operationalize this model, three complementary governance pathways are proposed, spanning declaration, detection, and validation:<br />&bull;&nbsp; &nbsp; Interaction transparency attributes (ex-ante declaration) &ndash; extend eIDAS 2.0 attestations to include purpose and intent metadata<br />&bull;&nbsp; &nbsp; Continuous epistemic monitoring (real-time detection) &ndash; identify deviations in verified agent interactions that alter user trust formation<br />&bull;&nbsp; &nbsp; Epistemic trust certification (ex-post validation) &ndash; third-party auditing of AI systems that preserve cognitive integrity over time</p>
<p>For identity providers, this creates a new assurance layer beyond compliance. For policymakers, it extends eIDAS from static credentials to dynamic trust governance. For citizens, it turns verification into an ongoing safeguard of cognitive autonomy.<br />Embedding epistemic integrity into Europe's digital identity frameworks would not only strengthen resilience against behavioural steering, but also articulate a distinctly European vision of trustworthy AI, one that protects not just identity, but the commons of trust on which democratic knowledge and civic deliberation depend.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-authentication-to-epistemic-integrity-eic26"><img src="https://www.kuppingercole.com//videothumb/from-authentication-to-epistemic-integrity-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[AI for IAM in practice [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/ai-for-iam-in-practice-eic26</link>
			<guid>https://www.kuppingercole.com/watch/ai-for-iam-in-practice-eic26</guid>
			<description><![CDATA[ <p>AI has become one of the most discussed concepts but the question is how to implement AI in practice.&nbsp;<br /><br />This talk looks at practical implementation patterns for artificial intelligence in IAM including ITDR, meta data enrichment, application onboarding and engineering productivity improvement.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/ai-for-iam-in-practice-eic26"><img src="https://www.kuppingercole.com//videothumb/ai-for-iam-in-practice-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Inclusion starts with "I": Taking responsibility for overcoming blindspots in digital identity [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/inclusion-starts-with-i-eic26</link>
			<guid>https://www.kuppingercole.com/watch/inclusion-starts-with-i-eic26</guid>
			<description><![CDATA[ <p>Inclusive design should be the foundation of any digital identity project, rather than an afterthought. But how can we put this into practice?<br /><br />This talk draws on insights gained from the practical implementation of the EU Digital Identity (EUDI) Wallet project in Germany, where we aimed to identify barriers and provide tailored support for different user groups, going beyond regulatory accessibility requirements. The talk maps out the different planning phases and engagement formats, and shares insights on how to conduct such a process. It also addresses the issues and concerns that we learned about from civil society stakeholders.&nbsp;<br /><br />These insights offer practical guidance for digital identity practitioners implementing digital identity systems in multilayered governance contexts, focusing on cross-border interoperability and inclusive, participatory solutions. Our approach shows how identity practitioners can promote inclusion &mdash; by starting with 'I' and inviting more diverse voices to contribute at every stage of digital identity development.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/inclusion-starts-with-i-eic26"><img src="https://www.kuppingercole.com//videothumb/inclusion-starts-with-i-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[The ID Code of Conduct: Building a Fairer Digital Identity Ecosystem [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/the-id-code-of-conduct-eic26</link>
			<guid>https://www.kuppingercole.com/watch/the-id-code-of-conduct-eic26</guid>
			<description><![CDATA[ <p>Across the world, millions of people are being locked out of essential services because identity systems fail to recognise them. From older citizens in the UK unable to access healthcare to entrepreneurs in Ghana who can&rsquo;t open bank accounts, identity exclusion is a global challenge with profound human and economic consequences.<br /><br />We are Women in Identity and we are creating a universal set of guidelines designed to reduce bias and promote inclusion in identity systems across the globe. Why? Because our latest research in collaboration with The London School of Economics proves that ID inclusion is good for business.<br /><br />In this talk, we will share the story so far of our multi-phase research programme, the ID Code of Conduct, and explore how this framework is shaping the future of equitable identity. Attendees will learn about:<br />-The scale of ID exclusion and who is most affected - and why this is not just a developing-country issue.<br />-The human impact of exclusion, through real stories of those whose lives have been directly affected by being &ldquo;locked out&rdquo; of systems.<br />-The Economic Impact of ID Exclusion, revealing that ID inclusion is good for business - increasing trust, efficiency, and most importantly, ROI.<br /><br />Now, WiD is building practical governance tools for organisations. We'll take you through the status of that project and how you can help shape a more inclusive future.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/the-id-code-of-conduct-eic26"><img src="https://www.kuppingercole.com//videothumb/the-id-code-of-conduct-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Why Britain hates digital ID: a Psycho-historical Tour [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/why-britain-hates-digital-id-eic26</link>
			<guid>https://www.kuppingercole.com/watch/why-britain-hates-digital-id-eic26</guid>
			<description><![CDATA[ <p>An overseas digital identity acquaintance of mine recently posted a harmless LinkedIn update: coming to the UK to speak on a panel, curious what Brits think about digital ID. Pretty gentle, nerdy stuff.<br /><br />A few hours later his comments were a wall of fury; conspiracies of soul-harvesting, globalist plots. The wrath of British LinkedIn had arrived.<br /><br />Britain&rsquo;s relationship with &ldquo;papers, please&rdquo; is uniquely emotional, shaped by centuries of uncomfortable encounters between the state and the individual. Our resistance is full-throated and patriotic, even when it makes no sense at all.<br /><br />In this talk, Jaye takes us on an irreverent but insightful journey through Britain&rsquo;s ID angst, from the second world war to Tony Blair's ill-fated 2000s foray, and the recent resurrection of its digital ghost.<br /><br />We'll see how the coronavirus pandemic calcified our attitudes into their current dysfunctional form.<br /><br />Understanding this cultural operating system is crucial, because the UK is once again building a national digital ID. And without reckoning with our past, we may doom its future.<br />Expect laughs, uncomfortable truths, and some truly inscrutable LinkedIn comments.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/why-britain-hates-digital-id-eic26"><img src="https://www.kuppingercole.com//videothumb/why-britain-hates-digital-id-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: Risk, Trust, and Empowered Users: The Next Generation of Access Control]]></title>
			<link>https://www.kuppingercole.com/watch/panel-risk-trust-and-empowered-users-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-risk-trust-and-empowered-users-eic26</guid>
			<description><![CDATA[ <p>Speakers examine how organizations incorporate behavioral, device, and contextual risk signals to drive adaptive access decisions. The panel links these mechanisms to delegation approaches and distributed governance models that support scalable decision-making. Attendees gain practical insight into design patterns and the governance choices that shape effective adaptive access implementations.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-risk-trust-and-empowered-users-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-risk-trust-and-empowered-users-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Stop Chasing Compliance. Start Building Security [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/stop-chasing-compliance-eic26</link>
			<guid>https://www.kuppingercole.com/watch/stop-chasing-compliance-eic26</guid>
			<description><![CDATA[ <p>Compliance isn&rsquo;t what drives us. Security is.</p>
<p>Yet too often, organisations feel trapped, pressed by regulations on one side and overwhelmed by evolving threats on the other. It doesn&rsquo;t have to be this way.</p>
<p>In this session, we&rsquo;ll cut through the noise and bring you back to what truly matters: building a mature, identity‑driven security posture that naturally meets regulatory expectations. Instead of treating DORA, NIS2, or ISO/IEC 27001 as checklists or fire drills, you&rsquo;ll learn how to turn them into catalysts for clarity, resilience, and purposeful action.</p>
<p>We&rsquo;ll show you how to use the IAM and PAM capabilities you already have to strengthen your defences, simplify compliance, and elevate your organisation&rsquo;s security maturity, without adding tools, complexity, or unnecessary cost.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/stop-chasing-compliance-eic26"><img src="https://www.kuppingercole.com//videothumb/stop-chasing-compliance-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Modern Identity: Access Chaos to Operational Excellence [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/modern-identity-access-chaos-eic26</link>
			<guid>https://www.kuppingercole.com/watch/modern-identity-access-chaos-eic26</guid>
			<description><![CDATA[ <p>Modern identity security is under pressure from expanding attack surfaces, regulatory scrutiny, cloud adoption, DevOps, AI, and non-human identities. This session explores how risk-based access and delegated governance help organizations strengthen compliance, improve operational efficiency, and reduce exposure from standing privilege, unmanaged identities, and fragmented control planes.</p>
<p>Attendees will leave with practical insights for building a more accountable, risk-aware governance model that improves audit readiness while reducing operational friction.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/modern-identity-access-chaos-eic26"><img src="https://www.kuppingercole.com//videothumb/modern-identity-access-chaos-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Do You Really Know Your Customers? A Story about Trust, Digital Onboarding and Deepfakes]]></title>
			<link>https://www.kuppingercole.com/watch/do-you-really-know-your-customers-eic26</link>
			<guid>https://www.kuppingercole.com/watch/do-you-really-know-your-customers-eic26</guid>
			<description><![CDATA[ <p id="bkmrk-deepfakes-are-availa">Deepfakes are available to anyone, and make it trivial to fake your online presence. For businesses relying on digital onboarding, this is a serious and growing threat.&nbsp;</p>
<p id="bkmrk-digital-onboarding-h">Digital onboarding has evolved over the years; each step forward brought new safeguards to ensure you really know your customers. But deepfakes are changing the game; they are becoming better every day, to the point where people can no longer tell that they are fake, and machines struggle with the same.</p>
<p id="bkmrk-what-are-the-real-co">What are the real consequences of fake identities entering your system, and what can you do about it?</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/do-you-really-know-your-customers-eic26"><img src="https://www.kuppingercole.com//videothumb/do-you-really-know-your-customers-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Can Remote Video Conferencing Survive in the Deepfake Era? [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/can-remote-video-conferencing-survive-in-the-deepfake-era-eic26</link>
			<guid>https://www.kuppingercole.com/watch/can-remote-video-conferencing-survive-in-the-deepfake-era-eic26</guid>
			<description><![CDATA[ <p>Remote video meetings have transformed how high-stakes interactions take place across sectors. Governments now perform benefit eligibility checks and tax interviews remotely. Financial institutions rely on video to verify identity and conduct KYC and AML checks. Enterprises interview, hire, and collaborate with workers they may never meet in person.</p>
<p><br />But this shift has created an exploitable entry point for attackers. With minimal cost, skill, or effort, bad actors can now produce high-fidelity deepfake personas beyond human detection and use them to spoof remote meetings. KuppingerCole&rsquo;s Osman Celik highlights the ease of producing deepfakes: &ldquo;a few photographs or short video clips are enough to train face-swap or lip-sync models that produce convincing enough outputs to fool many observers.&rdquo;<br />This vulnerability was exposed in the attack on the multinational engineering firm Arup, wherein a finance professional transferred $25.5 million after attending a video call populated entirely by deepfaked executives.</p>
<p><br />Now that video conferencing is pervasive across sectors, deepfake-enabled exploits can lead to the diversion of public or corporate funds, infiltration of systems and information, and even the compromise of national security.</p>
<p><br />In this session, Peter James discusses:</p>
<ul type="disc">
<li>Today&rsquo;s deepfake attacks: The tools, the trends, and why they're working</li>
<li>Why video conferencing remains the unguarded entry point, regardless of your perimeter defenses</li>
<li>What governments and businesses can do to close the gap and restore trust in remote interactions&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;</li>
</ul>				<br/><br/><a href="https://www.kuppingercole.com/watch/can-remote-video-conferencing-survive-in-the-deepfake-era-eic26"><img src="https://www.kuppingercole.com//videothumb/can-remote-video-conferencing-survive-in-the-deepfake-era-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Authenticity in the Age of AI: Building a Trust Framework for Digital Content]]></title>
			<link>https://www.kuppingercole.com/watch/authenticity-in-the-age-of-ai-building-a-trust-framework-eic26</link>
			<guid>https://www.kuppingercole.com/watch/authenticity-in-the-age-of-ai-building-a-trust-framework-eic26</guid>
			<description><![CDATA[ <p>The importance of content authenticity has become a hot topic in the identity space, as it touches end-user identity, enterprise identity, asset identity and regulatory oversight. With digital credentials being issued by both governments and online entities, the next question is how content creators and media outlets assure the authenticity of content with or without recourse to those central foundations. AI and Deep Fakes abound, and it&rsquo;s become difficult for consumers to tell the difference between a real eyewitness account and a manufactured account. Simultaneously, creatives and professional organizations are concerned about getting credit and compensation for their intellectual property. Five independent organizations collaborate to define and support the content authenticity ecosystem, including Coalition for Content Provenance and Authenticity (C2PA), the Creator Assertions Working Group (CAWG), and the Content Authenticity Initiative (CAI) . Quite rapidly, these teams recognized that there will not be &ldquo;one authentication protocol to rule them all&rdquo; and have settled on a hybrid approach which accepts a variety of authentication methods for individuals and a variety of data inputs, while setting clear industry standards for hardware and software manufacturers to build in content manifests and ownership assertions. This agnostic approach is a breakthrough in giving the content creators the power to determine for themselves what entities they trust for digital identification credentials usecase by usecase, and offers an open-world approach to wallet developers.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/authenticity-in-the-age-of-ai-building-a-trust-framework-eic26"><img src="https://www.kuppingercole.com//videothumb/authenticity-in-the-age-of-ai-building-a-trust-framework-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[APDI: Asia Pacific Cross-border Identity Verification in Action]]></title>
			<link>https://www.kuppingercole.com/watch/apdi-asia-pacific-cross-border-identity-eic26</link>
			<guid>https://www.kuppingercole.com/watch/apdi-asia-pacific-cross-border-identity-eic26</guid>
			<description><![CDATA[ <p>Building up from last year&rsquo;s instalment, join Asia Pacific Digital Identity (APDI) Consortium&rsquo;s collaborative presentation that showcases the work on cross-border use cases that not only helps builds trust cross borders but also improves user experience and solves practical operational issues that have increasingly become relevant. Starting in the hospitality sector, APDI will continue to shape a collaborative ecosystem in the Asia-Pacific and beyond including alignment and inclusion with European frameworks.</p>
<p><strong>Who Should Attend:</strong> This session will present a real use-case, focus on the use of standards, interoperability and user experience. It will showcase the required balance between commercial, legal and technical in building out cross-border ecosystems with relevant content for policy makers, technologists and business audiences.&nbsp;</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/apdi-asia-pacific-cross-border-identity-eic26"><img src="https://www.kuppingercole.com//videothumb/apdi-asia-pacific-cross-border-identity-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Beyond the Buzzwords: Digital Sovereignty Is Not Marketing]]></title>
			<link>https://www.kuppingercole.com/watch/beyond-the-buzzwords-digital-sovereignty-eic26</link>
			<guid>https://www.kuppingercole.com/watch/beyond-the-buzzwords-digital-sovereignty-eic26</guid>
			<description><![CDATA[ <p><i>Why Identity and Access Management Determines Digital Autonomy</i></p>
<p>Digital sovereignty is one of the most frequently used - and at the same time most hollowed-out - buzzwords of recent years. Hardly a keynote, strategy paper, or product pitch today goes without the term. In practice, however, digital sovereignty is often reduced to location arguments, certifications, or regulatory checkboxes. &ldquo;Hosted in Europe,&rdquo; &ldquo;GDPR compliant,&rdquo; or &ldquo;Trusted Cloud&rdquo; are sold as proof - while the real technical and organizational dependencies remain unchanged. In Identity &amp; Access Management (IAM) in particular, this oversimplification is not only misleading, but dangerous.</p>
<p>This talk puts forward an uncomfortable thesis: digital sovereignty does not begin with data centers, but with identities. And anyone who does not control their identities is not sovereign - no matter how many certificates, compliance seals, or &ldquo;Trusted Cloud&rdquo; labels appear on the slides.</p>
<p><strong>From Sovereignty to Autonomy &ndash; A Necessary Shift in Perspective</strong></p>
<p>Digital sovereignty is often understood as a state: data resides in the &ldquo;right&rdquo; country, contracts are properly worded, regulatory requirements are met. But this perspective ignores a decisive factor: the ability to act. That is why it is more accurate to speak of digital autonomy - the ability of an organization to control, adapt, and, if necessary, decouple its core digital functions in a self-determined way.</p>
<p>Autonomy does not mean autarky. No enterprise will realistically forgo hyperscalers, SaaS platforms, or external identity providers anytime soon. But autonomy does mean understanding dependencies, entering them consciously, and being able to control them. This is precisely where Identity &amp; Access Management (IAM) becomes a strategic key technology.</p>
<p><strong>IAM as the Power Center of the Digital Organization</strong></p>
<p>In many organizations, IAM is still viewed as necessary infrastructure: user management, single sign-on, a few policies, compliance reports for auditors. This view is not only outdated - it is dangerous. Modern IAM systems effectively define:</p>
<ul type="disc">
<li>who is allowed to access what,</li>
<li>under which conditions,</li>
<li>via which platforms,</li>
<li>with which identities (human and non-human),</li>
<li>and based on which external dependencies.</li>
</ul>
<p>IAM is therefore no longer a downstream IT topic, but the power center of the digital organization. Those who lose control over identities - through external identity providers, proprietary access models, or deeply embedded platform dependencies - lose real steering capability.</p>
<p><strong>Why Digital Sovereignty Without IAM Is an Illusion</strong></p>
<p>Many current &ldquo;sovereignty initiatives&rdquo; fail due to a fundamental conceptual error: they focus on data, not on access. But data is worthless if access to it cannot be controlled autonomously. In practice, this means:</p>
<ul type="disc">
<li>Cloud workloads may be operated &ldquo;in Europe&rdquo; while identities are entirely dependent on U.S. platforms.</li>
<li>Critical business processes are technically usable only as long as an external IAM service is available.</li>
<li>Switching providers becomes practically impossible because identity models, roles, and policies are locked into proprietary implementations.</li>
</ul>
<p>Digital sovereignty that ignores such dependencies is pure wishful thinking.</p>
<p>Put provocatively: many contemporary IAM strategies optimize for convenience and cost - and sell the resulting loss of control as &ldquo;modernization.&rdquo; Digital sovereignty then becomes a marketing phrase that glosses over missing exit strategies, implicit vendor lock-ins, and non-delegable core functions. For large enterprises with critical infrastructures, global value chains, and long-term liability risks, this is a dangerous trade-off - quite apart from personal (executive) liability under laws and regulations such as NIS2.</p>
<p><strong>Who This Talk Is For - and Who It Is Not</strong></p>
<p>This talk is deliberately not aimed at marketing departments or buzzword evangelists. It is aimed at:</p>
<ul type="disc">
<li>CIOs, CISOs, and enterprise architects,</li>
<li>technical leaders,</li>
<li>managers who bear responsibility for digital core processes.</li>
</ul>
<p>It will not provide easy answers or &ldquo;recommend tools.&rdquo; Instead, it explains why IAM is the neuralgic point of digital autonomy, which misconceptions dominate today, and which strategic guardrails organizations must establish if they take digital sovereignty seriously.</p>
<p>The talk explicitly addresses the management perspective. Digital sovereignty is neither an end in itself nor an ideological project. It is a risk-management issue, a business-continuity issue, and increasingly a competitive factor. Organizations that can autonomously control their IAM capabilities respond faster to market changes, regulatory requirements, and technological disruption. They retain bargaining power vis-&agrave;-vis vendors and avoid strategic dead ends. Organizations without this autonomy, by contrast, implicitly shift central steering functions outward - often without ever making that decision explicitly.</p>
<p>In closing, the talk makes one thing clear: digital sovereignty in IAM is not a state that can be &ldquo;achieved&rdquo; and then checked off. It is a continuous design process that requires technical excellence, organizational clarity, and strategic courage. Those who reduce it to marketing will lose it. Those who take it seriously must be willing to ask uncomfortable questions - about architecture, governance, and the distribution of power in the digital space.</p>
<p>Precisely for this reason, now is the right time to remove digital sovereignty from the buzzword corner and anchor it where it belongs: at the core of modern IAM architectures.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/beyond-the-buzzwords-digital-sovereignty-eic26"><img src="https://www.kuppingercole.com//videothumb/beyond-the-buzzwords-digital-sovereignty-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Identity is Not Enough: Enforcing]]></title>
			<link>https://www.kuppingercole.com/watch/identity-is-not-enough-enforcing-eic26</link>
			<guid>https://www.kuppingercole.com/watch/identity-is-not-enough-enforcing-eic26</guid>
			<description><![CDATA[ <p>The cybersecurity industry spends billions on Identity Threat Detection (ITDR) and PAM, yet we cannot stop a compromised administrator or a coerced insider from executing malicious actions once they have valid access. The failure is architectural: we verify who the user is, but once they log in, they have direct technical access to the target system, leaving us blind to their intent until it&rsquo;s too late.</p>
<p><br />This session introduces Pre-Execution Governance, a new architectural standard that bridges the gap between Just-in-Time (JIT) Access and real-time execution. We will demonstrate how to fundamentally decouple the user from the application by terminating their session in a remote, isolated browser. The user interacts only with a visual stream - effectively preventing any malware or exploit from physically reaching the target infrastructure.</p>
<p><br />We will then show how this isolation layer enables deep, real-time oversight:<br />- Contextual Matching: Using deterministic AI to compare live user actions (clicks, queries) against the specific "Reason for Access" declared in their JIT request - blocking valid credentials from performing invalid tasks (e.g., a "Restart Service" ticket cannot execute a database dump).<br />- Dynamic Peer Verification: Moving beyond static rules, the system automatically triggers the 4-Eyes Principle (via mobile push) only when the live action contradicts the approved JIT context.<br />- Exploit Immunity: How separating the user interface from code execution renders application vulnerabilities irrelevant.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/identity-is-not-enough-enforcing-eic26"><img src="https://www.kuppingercole.com//videothumb/identity-is-not-enough-enforcing-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Rethinking Accounts for a Continuous Age [Advanced]]]></title>
			<link>https://www.kuppingercole.com/watch/rethinking-accounts-for-a-continuous-age-eic26</link>
			<guid>https://www.kuppingercole.com/watch/rethinking-accounts-for-a-continuous-age-eic26</guid>
			<description><![CDATA[ <p>Continuous, or 'event-driven', identity offers a wealth of benefits.&nbsp; With the shared signals framework we can finally enable single log-out; facilitate zero standing privilege; improve fraud detection and resilience; better integrate with digital identity credentials; and optimise the user experience.&nbsp; And the pace and responsiveness of a continuous architecture is crucial in responding to the needs of non-human and agentic identity.<br /><br />To maximise the potential of continuous identity, however, we need to rethink some fundamentals, starting with the very concept of an 'account'.&nbsp; In a continuous world, user accounts can - and arguably *should* - be ephemeral.&nbsp; Adopting ephemeral accounts can significantly improve security, compliance, privacy and user experience. It's a big change, but now is the time to consider it.<br /><br />Join Andrew for this thought-provoking exploration of the potential of dynamic, ephemeral accounts: re-imagining our fundamental identity architecture to meet the demands of a new internet.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/rethinking-accounts-for-a-continuous-age-eic26"><img src="https://www.kuppingercole.com//videothumb/rethinking-accounts-for-a-continuous-age-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: Zero Trust - A decade In]]></title>
			<link>https://www.kuppingercole.com/watch/panel-zero-trust-a-decade-in-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-zero-trust-a-decade-in-eic26</guid>
			<description><![CDATA[ <p>Zero Trust has evolved from a provocative architectural concept into a foundational strategy guiding enterprise security programs worldwide. Built on the principle of "never trust, always verify," the model assumes that no user, device, or workload should be granted implicit access based on network location alone, and that every request must be continuously authenticated, authorized, and validated against contextual signals. This panel brings together analysts and architects who have spent the last ten years looking at Zero Trust across different environments, ranging from regulated financial institutions to global manufacturing and public sector organizations. Panelists will share candid reflections on what initially drew organizations to Zero Trust, how their understanding of the model has matured over successive iterations, and where the gap between vendor marketing and operational reality has been widest.</p>
<p>The conversation will include the recurring challenges customers have faced along the way, such as IAM modernization, fragmented telemetry across cloud and on-premises estates, legacy applications that resist modern policy enforcement, segmentation strategies that stall at the network layer, and the organizational change required to align security, identity, and infrastructure teams around a shared model. Panelists will also discuss the practical solutions that have proven durable, such as identity-centric policy engines, phishing-resistant authentication, microsegmentation grounded in workload identity, continuous access evaluation, and the growing role of unified policy frameworks that bridge human, machine, and increasingly agentic identities. The session is intended as a retrospective rather than a forward-looking roadmap, offering a clearer picture of what a mature Zero Trust program looks like in practice and what still remains unresolved.</p>
<p>&nbsp;</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-zero-trust-a-decade-in-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-zero-trust-a-decade-in-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Identity of Things: What is the identity?]]></title>
			<link>https://www.kuppingercole.com/watch/identity-of-things-what-is-the-identity-eic26</link>
			<guid>https://www.kuppingercole.com/watch/identity-of-things-what-is-the-identity-eic26</guid>
			<description><![CDATA[ <p>In logistics, many drivers may only drive for us once. Maintaining personal profiles for this population is unreasonable, even unrealistic. Together with the business, we challenged standard IAM assumptions to gain visibility of thousands of shipments in our digital ecosystem.</p>
<p>This session walks through how we got there, the architecture behind it, and why this pattern might apply far beyond logistics.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/identity-of-things-what-is-the-identity-eic26"><img src="https://www.kuppingercole.com//videothumb/identity-of-things-what-is-the-identity-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Static Sessions to Continuous Trust: Implementing SSF and CAEP for Zero Trust Identity [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/from-static-sessions-to-continuous-trust-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-static-sessions-to-continuous-trust-eic26</guid>
			<description><![CDATA[ <p>Traditional IAM systems validate access only at login and maintain that trust until a session expires&mdash;leaving organizations exposed when user state, credentials, or device posture changes in between. In a Zero Trust world, this model is no longer sufficient.<br /><br />The Shared Signals Framework (SSF) and the Continuous Access Evaluation Profile (CAEP) introduce a standards-based, interoperable way to exchange real-time security events between identity providers and relying parties. This enables adaptive, continuous access evaluation aligned with modern Zero Trust principles.<br /><br />This session breaks down the practical implementation of SSF and CAEP:<br /><br />- Why conventional session-based access control falls short.<br />- How event types such as session revoked, credential change, assurance-level change, and session presented drive real-time enforcement.<br />- Architectural patterns for implementing SSF/CAEP in IAM systems.<br />- Key challenges (e.g., multi-tenant event routing, aud claim modeling, subject scoping) and strategies to overcome them.<br />- How SSF and CAEP enhance interoperability, reduce lock-in, and strengthen organizational security posture.<br />- Attendees will leave with a clear understanding of how to integrate SSF and CAEP into identity infrastructures and move toward a continuous, dynamic Zero Trust model.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-static-sessions-to-continuous-trust-eic26"><img src="https://www.kuppingercole.com//videothumb/from-static-sessions-to-continuous-trust-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Zero-Trust in Practice: Continuous, Policy-Driven Protection of Sensitive Data - Beyond Access and Network Controls [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/zero-trust-in-practice-continuous-policy-driven-protection-eic26</link>
			<guid>https://www.kuppingercole.com/watch/zero-trust-in-practice-continuous-policy-driven-protection-eic26</guid>
			<description><![CDATA[ <p>Deutsche Telekom, being at the forefront of providing global digital access, sought to consolidate their IT infrastructure under the Zero Trust Architecture to continuously protect sensitive information. To address these challenges, Deutsche Telekom implemented NextLabs&rsquo; Zero Trust Data Security to unify data protection process for extensive user bases across all major platforms. Deutsche Telekom was able to adopt the zero-trust security architecture to automate and standardize security measures and implement a global ERP strategy with strict data access controls. Additionally, it enabled the Company to enhance cloud computing capabilities and ensures effective security measures by protecting against unauthorized access and data leakage, all while reducing costs with a no-code approach. These measures allow Deutsche Telekom to continuously protect sensitive data, implement field-level encryption, and enforce privacy policies, thereby strengthening data governance and standardizing data protection across the organization.</p>
<p>Takeaways:</p>
<ul type="disc">
<li>Automate access and protection of data using least privilege principle and classification to dynamically protect sensitive data regardless of where it is used or stored.</li>
<li>Simplify management of data protection policies to prevent unauthorized access of restricted data.</li>
<li>Simplified policy administration and management through a unified policy platform to respond to new cybersecurity requirements in real-time.</li>
</ul>				<br/><br/><a href="https://www.kuppingercole.com/watch/zero-trust-in-practice-continuous-policy-driven-protection-eic26"><img src="https://www.kuppingercole.com//videothumb/zero-trust-in-practice-continuous-policy-driven-protection-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Challenging The Notion: The Best Products Require Custom Authorization Code]]></title>
			<link>https://www.kuppingercole.com/watch/challenging-the-notion-the-best-products-eic26</link>
			<guid>https://www.kuppingercole.com/watch/challenging-the-notion-the-best-products-eic26</guid>
			<description><![CDATA[ <p>Authorization feels inseparable from your product, so we keep rebuilding it in every service, framework, and rewrite. In this talk, I&rsquo;ll challenge that assumption and show how treating authorization as shared infrastructure (without giving up product-specific logic) actually makes systems safer, more flexible, and easier to evolve.</p>
<p>The audience will learn how to assess inefficiencies in their applications and processes, decouple authorization and application logic, and consume authorization as a shared service without compromising their unique security and business needs.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/challenging-the-notion-the-best-products-eic26"><img src="https://www.kuppingercole.com//videothumb/challenging-the-notion-the-best-products-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Delegated Authorization for Relationships [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/delegated-authorization-for-relationships-eic26</link>
			<guid>https://www.kuppingercole.com/watch/delegated-authorization-for-relationships-eic26</guid>
			<description><![CDATA[ <p>Delegated authorization is emerging as a foundational capability for enabling trusted digital relationships&mdash;whether between people, organizations, or intelligent agents. At its core, it&rsquo;s not just about &ldquo;delegation&rdquo; but about defining, expressing, and enabling authorization within the context of a relationship. From guardianship and customer care to enterprise workflows and Agentic AI, delegated authorization unlocks the ability to act on behalf of others safely, transparently, and with appropriate consent.<br /><br />This talk explores how relationship-based authorization is evolving across industries and standards communities. We&rsquo;ll examine what&rsquo;s working, where key gaps remain, and how emerging patterns&mdash;such as contextual delegation and relationship-bound credentials&mdash;can improve both usability and privacy. As identity ecosystems become more automated and interconnected, robust models for delegated authorization will be essential to maintaining trust and control across all types of relationships.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/delegated-authorization-for-relationships-eic26"><img src="https://www.kuppingercole.com//videothumb/delegated-authorization-for-relationships-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: Taming Authorization Complexity: Effective Role Models for Large-Scale Enterprises]]></title>
			<link>https://www.kuppingercole.com/watch/taming-authorization-complexity-effective-role-models-eic26</link>
			<guid>https://www.kuppingercole.com/watch/taming-authorization-complexity-effective-role-models-eic26</guid>
			<description><![CDATA[ <p>This panel examines how large enterprises can modernize complex, legacy authorization landscapes into clear, business-aligned role models. As entitlement sprawl grows and regulatory pressure increases, getting authorization right is essential for security, compliance and operational efficiency. Panelists will share data-driven techniques for analyzing entitlements, designing meaningful roles and embedding least privilege, segregation of duties and traceability. Attendees will learn practical methods to involve business stakeholders, run simulations and establish ownership, gaining actionable guidance for governing large-scale authorization models in regulated environments.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/taming-authorization-complexity-effective-role-models-eic26"><img src="https://www.kuppingercole.com//videothumb/taming-authorization-complexity-effective-role-models-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Capabilities to Clarity: Aligning IAM with the Identity Fabric at Scale]]></title>
			<link>https://www.kuppingercole.com/watch/from-capabilities-to-clarity-aligning-iam-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-capabilities-to-clarity-aligning-iam-eic26</guid>
			<description><![CDATA[ <p>Identity &amp; Access Management in large banking groups is rarely a pure technology issue! It is an organizational challenge that spans Group functions, IT service providers and the business entities. This session presents how KuppingerCole helped a leading Central and Eastern European banking group move from distributed, IT-centric IAM initiatives to a coherent, group-wide IAM program. Starting from a capability-based view (Identity Fabric and IAM Reference Architecture), the project created a shared language that business, risk, HR, IT and local entities could all use. On this basis, a Group IAM Strategy was defined that clarifies &ldquo;who does what&rdquo;: Group sets principles and minimum standards, the internal IT provider operates central IAM services, and entities run their processes within a common framework while business and control functions own access decisions. A matching target architecture with central identity services, a standardized IGA layer and harmonized IAM was then designed to mirror this operating model. Attendees will learn how aligning governance and architecture unlocks real value: better regulatory alignment, clearer accountability, and a non-siloed IAM program that is ready for today's and future requirements.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-capabilities-to-clarity-aligning-iam-eic26"><img src="https://www.kuppingercole.com//videothumb/from-capabilities-to-clarity-aligning-iam-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: From Provisioning to Continuous Assurance]]></title>
			<link>https://www.kuppingercole.com/watch/panel-from-provisioning-to-continuous-assurance-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-from-provisioning-to-continuous-assurance-eic26</guid>
			<description><![CDATA[ <p>This panel examines how organizations can move from periodic access reviews to continuous assurance using event-driven lifecycle automation and dynamic entitlement evaluation. As hybrid and multi-cloud environments grow more complex, maintaining least privilege in real time has become essential for reducing risk and improving operational resilience. Experts will discuss key architectural patterns, integration requirements, and practical approaches for automating identity decisions at scale. Attendees will learn how continuous assurance strengthens compliance, streamlines operations, and ensures that access remains aligned with business context and policy.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-from-provisioning-to-continuous-assurance-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-from-provisioning-to-continuous-assurance-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Wins & Challenges: Implementation of Conditional Access policies Persona-Based IAM design in a large enterprise]]></title>
			<link>https://www.kuppingercole.com/watch/wins-and-challenges-implementation-of-conditional-access-eic26</link>
			<guid>https://www.kuppingercole.com/watch/wins-and-challenges-implementation-of-conditional-access-eic26</guid>
			<description><![CDATA[ <p>&ldquo;Persona-based&rdquo; CA architecture is a recommended, dynamic, scalable approach for implementing of Zero Trust strategy for Identities AM. And it is documented well. What can go wrong? 🙂<br />I will tell about challenges that we need to deal with focusing on technical details.<br />Session is oriented towards architects, engineers, and consultants working with Microsoft Entra ID and Conditional Access policies.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/wins-and-challenges-implementation-of-conditional-access-eic26"><img src="https://www.kuppingercole.com//videothumb/wins-and-challenges-implementation-of-conditional-access-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Demonstrating Practical use of SSI, Wallets, and Verifiable Credentials in Education [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/demonstrating-practical-use-of-ssi-eic26</link>
			<guid>https://www.kuppingercole.com/watch/demonstrating-practical-use-of-ssi-eic26</guid>
			<description><![CDATA[ <p>The Npuls Eduwallet Project explores the practical use of self-sovereign identity (SSI), digital wallets, and verifiable credentials (VCs) to support lifelong learning in the Netherlands. Aligned with European developments in digital identity and eIDAS2.&nbsp;<br /><br />Through the creation of a sandbox environment, including a demonstrator and pilot implementations, the project seeks to enable learners to securely manage and share their academic identity, qualifications, and credentials across institutions and employers.<br /><br />Early outcomes have been promising, with a functional prototype developed and pilot testing underway. These real-world use cases involve students and institutions actively engaging with the wallet ecosystem and verifiable credential technologies, including the underlying trust layer.<br /><br />In this presentation, we will:<br />&bull;&nbsp; &nbsp; Introduce the Npuls.nl Eduwallet Project<br />&bull;&nbsp; &nbsp; Deliver a live demonstration of real-world eduwallet use cases<br />&bull;&nbsp; &nbsp; Share findings and key learnings from the pilots</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/demonstrating-practical-use-of-ssi-eic26"><img src="https://www.kuppingercole.com//videothumb/demonstrating-practical-use-of-ssi-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Open Solutions leading the EU Digital Identity Wallet Pilot Programs [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/open-solutions-leading-the-eu-digital-identity-wallet-eic26</link>
			<guid>https://www.kuppingercole.com/watch/open-solutions-leading-the-eu-digital-identity-wallet-eic26</guid>
			<description><![CDATA[ <p>Across Europe, national and sectoral pilots are deploying digital identity wallets under the eIDAS2 framework. The leading solutions for credentials, wallets, and Zero Knowledge Proofs are all based on open standards. Learn from real-world pilots how these standards are securing academic networks, press freedom projects, legal persons, and cross-border projects (beyond Europe). Attendees will learn what it takes to design wallet systems that remain open, transparent, and adaptable.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/open-solutions-leading-the-eu-digital-identity-wallet-eic26"><img src="https://www.kuppingercole.com//videothumb/open-solutions-leading-the-eu-digital-identity-wallet-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Sandbox to Production: EUDI Wallet Ecosystem Rollout in Germany [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/from-sandbox-to-production-eudi-wallet-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-sandbox-to-production-eudi-wallet-eic26</guid>
			<description><![CDATA[ <p>The rollout of the European Digital Identity (EUDI) Wallet marks a major step toward secure, interoperable, and citizen-centric digital identity across the EU. Germany&rsquo;s advanced sandbox phase offers valuable insights into how technical, organizational, and regulatory elements align in practice. This talk will outline Germany&rsquo;s path from controlled testing to nationwide deployment, highlighting the key principles and mechanisms for a successful EUDI Wallet launch. We will present the current status, including sandbox outcomes, stakeholder collaboration, interoperability testing, and governance alignment with EU frameworks. Building on these foundations, we will address our strategy to transition from sandbox to production and share our strategy for a smooth successful rollout through close cooperation between public authorities, industry partners and (technical) expert communities.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-sandbox-to-production-eudi-wallet-eic26"><img src="https://www.kuppingercole.com//videothumb/from-sandbox-to-production-eudi-wallet-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Experiences from building the German National EUDI Wallet [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/experiences-from-building-the-german-eudi-wallet-eic26</link>
			<guid>https://www.kuppingercole.com/watch/experiences-from-building-the-german-eudi-wallet-eic26</guid>
			<description><![CDATA[ <p>In this talk Kristina and Paul share insights and challenges from the process of building the German National EUDI Wallet, juggling the different requirements from security, privacy and scalability while ensuring a smooth and friendly user experience for a very diverse audience.&nbsp; The session will also include a live demo of the wallet while illustrating what happens behind the scenes and give an outlook for upcoming features.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/experiences-from-building-the-german-eudi-wallet-eic26"><img src="https://www.kuppingercole.com//videothumb/experiences-from-building-the-german-eudi-wallet-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[EUDIW – Why Should People Care? [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/eudiw-why-should-people-care-eic26</link>
			<guid>https://www.kuppingercole.com/watch/eudiw-why-should-people-care-eic26</guid>
			<description><![CDATA[ <p>Most people don&rsquo;t care about digital identity, they just expect to be recognized. Like in the old days, when you walked into your local bank branch and the teller knew who you were. That was identity, made simple.<br /><br />Today, we talk about &ldquo;selective disclosure&rdquo; and &ldquo;privacy-preserving credentials.&rdquo; Yet the same people who claim to worry about privacy happily share their lives on social media and even form Facebook groups to discuss privacy concerns.<br /><br />For people to embrace new technology, it must offer clear benefits, simplicity, or even a bit of fun. Above all, it must be trusted.<br /><br />This presentation explores the challenges in driving adoption of the EUDIW, how perceptions of trust and convenience differ across Europe, and what concrete actions we can take to make people actually care. And use it.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/eudiw-why-should-people-care-eic26"><img src="https://www.kuppingercole.com//videothumb/eudiw-why-should-people-care-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[B2B and External Identity Governance]]></title>
			<link>https://www.kuppingercole.com/watch/b2b-and-external-identity-governance-eic26</link>
			<guid>https://www.kuppingercole.com/watch/b2b-and-external-identity-governance-eic26</guid>
			<description><![CDATA[ <p>Experience and learnings from actual B2B projects</p>
<p>Allan and Guy will share their experience and learnings from multiple B2B projects, highlighting the questions that need to be addressed before begining, the problems that come up, and the processes that need to be in place in order to be successful.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/b2b-and-external-identity-governance-eic26"><img src="https://www.kuppingercole.com//videothumb/b2b-and-external-identity-governance-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[The IAM Hyperscaler: Orchestrating B2B Compliance]]></title>
			<link>https://www.kuppingercole.com/watch/the-iam-hyperscaler-eic26</link>
			<guid>https://www.kuppingercole.com/watch/the-iam-hyperscaler-eic26</guid>
			<description><![CDATA[ <p>Modern B2B IAM must operate as an internal hyperscaler, utilizing SCIM APIs and Kafka topics to automate complex workflows. By implementing an asynchronous command pattern, an orchestration microservice abstracts internal logic while ensuring resilient, decoupled interactions. This architecture synchronizes rate-limited external APIs into a high-performance meta-directory, aggregating regulatory data to meet legal requirements for person-to-entity validation. Consumers gain a unified view through Kafka topics and REST APIs, simplifying compliance checks like certifying B2B contacts. This strategy ensures seamless vendor replacement and superior agility, transforming identity into a robust, policy-driven asset.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/the-iam-hyperscaler-eic26"><img src="https://www.kuppingercole.com//videothumb/the-iam-hyperscaler-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Trust at the Operational Edge: When Workforce Assumptions Meet Frontline Reality]]></title>
			<link>https://www.kuppingercole.com/watch/trust-at-the-operational-edge-eic26</link>
			<guid>https://www.kuppingercole.com/watch/trust-at-the-operational-edge-eic26</guid>
			<description><![CDATA[ <p>Modern identity architectures were built around a corporate workforce model: stable employment, dedicated devices and predictable access patterns.<br />Frontline environments and the Extended Workforce challenge those assumptions.<br />At the intersection of Workforce and B2B ecosystems, the Frontline operates under conditions of shared systems, operational volatility and distributed accountability. The rise of Agentic AI further amplifies these dynamics.</p>
<p>This session examines what it means to establish trust at the operational edge, and why identity must move from implicit, assumption-based models toward explicit and continuously verified trust in environments defined by unpredictability.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/trust-at-the-operational-edge-eic26"><img src="https://www.kuppingercole.com//videothumb/trust-at-the-operational-edge-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Securing Autonomous Systems Through Digital Identities]]></title>
			<link>https://www.kuppingercole.com/watch/securing-autonomous-systems-through-digital-identities-eic26</link>
			<guid>https://www.kuppingercole.com/watch/securing-autonomous-systems-through-digital-identities-eic26</guid>
			<description><![CDATA[ <p>Autonomous systems are reshaping modern enterprises and introducing new challenges for information security and digital trust. This session explores the relationship between autonomous systems, information security and digital identities. By examining a concrete threat scenario, it highlights how manipulated algorithms or falsified identities can disrupt system behaviour, compromise core technologies and impact safety, integrity and operational continuity. The presentation also shows how strong, controlled and managed digital identities enable the security of autonomous systems and help maintain confidentiality, integrity and availability across connected production environments.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/securing-autonomous-systems-through-digital-identities-eic26"><img src="https://www.kuppingercole.com//videothumb/securing-autonomous-systems-through-digital-identities-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Bridging the Gaps: Identity, Regulation, and the New Era of Cloud Sovereignty]]></title>
			<link>https://www.kuppingercole.com/watch/bridging-the-gaps-identity-regulation-eic26</link>
			<guid>https://www.kuppingercole.com/watch/bridging-the-gaps-identity-regulation-eic26</guid>
			<description><![CDATA[ <p>As organizations across Europe continue to advance their cloud transformations, they are navigating an increasingly complex landscape shaped by evolving regulatory expectations, heightened requirements for data sovereignty, and heterogeneous operational realities across cloud environments. At the same time, fundamental concepts such as sovereignty, data control, and trust are often interpreted differently by regulators, technology providers, and enterprise teams - creating critical &ldquo;lost in translation&rdquo; moments that can slow progress and introduce uncertainty.</p>
<p>This session highlights how organizations can bring clarity to these gaps by establishing a unified, governance‑driven approach to cloud sovereignty. We explore how identity, access governance, and policy‑driven controls form the strategic foundation for securing data, enabling compliant cloud operations, and fostering trusted collaboration across ecosystems.</p>
<p>Participants will gain practical guidance on aligning cloud architecture with regulatory requirements, strengthening identity as a core pillar of digital sovereignty, and enabling innovation with confidence - without compromising on control, compliance, or trust.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/bridging-the-gaps-identity-regulation-eic26"><img src="https://www.kuppingercole.com//videothumb/bridging-the-gaps-identity-regulation-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Agent-Aware IAM: Securing Identity in the Age of Autonomous AI]]></title>
			<link>https://www.kuppingercole.com/watch/agent-aware-iam-securing-identity-eic26</link>
			<guid>https://www.kuppingercole.com/watch/agent-aware-iam-securing-identity-eic26</guid>
			<description><![CDATA[ <p>AI agents are exposing critical flaws in traditional IAM systems. Recent attacks show how adversaries weaponize AI agents to exploit IAM vulnerabilities at machine speed, while prompt injection can manipulate internal agents into malicious behavior.</p>
<p>Traditional IAM, built for human users and static non-human identities (NHI, cannot handle autonomous non-human identities (A-NHI) that operate with unprecedented independence, scale, and contextual adaptability.</p>
<p>This presentation examines how IAM must evolve into agent-aware frameworks, covering architectural design, technical capabilities, and governance models including ownership, provenance, and lifecycle management. We introduce purpose and intent as distinct governance attributes for agentic AI, and show how containment constraints and permission compatibility together provide a two-layer governance architecture for agent-aware IAM.</p>
<p>Securing AI ecosystems demands cross-organizational collaboration to align IAM with business goals while addressing the expanding threat landscape of agentic AI.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/agent-aware-iam-securing-identity-eic26"><img src="https://www.kuppingercole.com//videothumb/agent-aware-iam-securing-identity-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: Post-Quantum Identity: What to Change Before the Budget Cycle Ends]]></title>
			<link>https://www.kuppingercole.com/watch/panel-post-quantum-identity-what-to-change-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-post-quantum-identity-what-to-change-eic26</guid>
			<description><![CDATA[ <p>Post-quantum cryptography is no longer a future concern - identity leaders must act now, before today&rsquo;s decisions become tomorrow&rsquo;s risk. This panel focuses on what actually needs to change in identity architectures ahead of the next budget cycle, cutting through hype to highlight realistic, near-term priorities. Experts will debate hybrid cryptographic modes, the future of tokens and code signing, and how to manage third-party certificate authorities and certificate lifecycles at scale. Attendees will leave with a clear, prioritized top-five action list - complete with ownership - that they can start executing this quarter.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-post-quantum-identity-what-to-change-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-post-quantum-identity-what-to-change-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[The Post-Quantum Apocalypse Is Already Upon Us]]></title>
			<link>https://www.kuppingercole.com/watch/the-post-quantum-apocalypse-is-upon-us-eic26</link>
			<guid>https://www.kuppingercole.com/watch/the-post-quantum-apocalypse-is-upon-us-eic26</guid>
			<description><![CDATA[ <p>"The future is already here - it's just not evenly distributed&rdquo;&nbsp; is an apt description of the impact of quantum computers on cryptography and its use in our identity systems. We all know that quantum computers are predicted to be able to break the cryptographic algorithms used in today&rsquo;s identity systems (RSA, Elliptic Curve, etc.) at some unknown point in the future. But this possibility has huge implications *right now*. &ldquo;Disruptive&rdquo; is an understatement. *Every* piece of software using cryptography has to be updated *before* Cryptographically Relevant Quantum Computers (CRQCs) are created (and we don&rsquo;t know when that will be). &ldquo;Store now - decrypt later&rdquo; attacks require action now, not later.&nbsp; Are you using software and protocols that may never be updated for the post-quantum world (such as SAML)? Are you comfortable with your migration path to fully quantum-safe software? This presentation will help you evaluate what you need to do when and how and why to avoid being a victim of the Post-Quantum Apocalypse.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/the-post-quantum-apocalypse-is-upon-us-eic26"><img src="https://www.kuppingercole.com//videothumb/the-post-quantum-apocalypse-is-upon-us-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Quantum Computing Make For Great Headlines - But They May Not Be The Threats That Should Worry Your Identity Security Team Today]]></title>
			<link>https://www.kuppingercole.com/watch/quantum-computing-make-for-great-headlines-eic26</link>
			<guid>https://www.kuppingercole.com/watch/quantum-computing-make-for-great-headlines-eic26</guid>
			<description><![CDATA[ <p>New technologies are exciting, and their risks are attention-grabbing. The potentially disruptive impact of Quantum Computing or Super Artificial Intelligence dominates headlines and boardroom conversations. Identity Security will be affected as well - but are these really the threats you should focus on today? And are they the ones that will put your organisation at risk?</p>
<p>RSA&rsquo;s Field CTO Ingo Schubert will cut through the noise and provide a grounded perspective on what truly matters for identity security in the coming years. This session will help you distinguish hype from reality, understand where Quantum and AI risks genuinely intersect with IAM, and ultimately make smarter decisions about priorities, architecture - and where to invest your limited security budget</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/quantum-computing-make-for-great-headlines-eic26"><img src="https://www.kuppingercole.com//videothumb/quantum-computing-make-for-great-headlines-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Fireside Chat: OWASP Agentic AI Update]]></title>
			<link>https://www.kuppingercole.com/watch/owasp-agentic-ai-update-eic26</link>
			<guid>https://www.kuppingercole.com/watch/owasp-agentic-ai-update-eic26</guid>
			<description><![CDATA[ 				<br/><br/><a href="https://www.kuppingercole.com/watch/owasp-agentic-ai-update-eic26"><img src="https://www.kuppingercole.com//videothumb/owasp-agentic-ai-update-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Artificial Counter Intelligence]]></title>
			<link>https://www.kuppingercole.com/watch/artificial-counter-intelligence-eic26</link>
			<guid>https://www.kuppingercole.com/watch/artificial-counter-intelligence-eic26</guid>
			<description><![CDATA[ <p>The promise of AI has always been that of improved production, higher efficiency, and in a Utopian world - people not needing to work at all. But just like any other technology being rushed into products, it is not fully mature (both feature- and security-wise), which turns it into a playground for hackers. When strong models are available to attackers, the scale of the threat becomes unbelievably huge. What used to take hours or days to find manually, agents now handle overnight with the exploit ready by morning.<br /><br />We need to change the way we treat AI, how we operate it, and what guardrails are required for it to be trusted (sort of). Analyzing the inherent problems in AI services, we can produce principles that will guide us in this faster-changing-than-ever landscape.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/artificial-counter-intelligence-eic26"><img src="https://www.kuppingercole.com//videothumb/artificial-counter-intelligence-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: Machines With Identities: Securing AI Agents and Synthetic Actors]]></title>
			<link>https://www.kuppingercole.com/watch/panel-machines-with-identites-securing-ai-agents-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-machines-with-identites-securing-ai-agents-eic26</guid>
			<description><![CDATA[ <p>AI agents are rapidly becoming first-class digital actors, performing tasks, making decisions, and interacting autonomously across systems. This panel examines why these agents now require identity, trust, and accountability frameworks comparable to human users. Experts will explore emerging models for agent authentication, detecting synthetic identities, and governing autonomous behaviors across complex ecosystems. Attendees will gain clarity on the risks and opportunities of agent-driven interactions, learn how to prepare their IAM architecture for AI-native actors, and understand what trust and control must look like in an autonomous future.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-machines-with-identites-securing-ai-agents-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-machines-with-identites-securing-ai-agents-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Strategy to Implementation: European Countries' Progress Toward the EUDI Wallet 2026 Deadline [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/from-strategy-to-implementation-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-strategy-to-implementation-eic26</guid>
			<description><![CDATA[ <p>This presentation provides a comparative overview of national strategies across EU Member States for transitioning to the European Digital Identity (EUDI) Wallet. It maps the current state of implementation, highlighting differences in readiness, policy approaches, and technical progress. By analyzing these national efforts, the session assesses Europe&rsquo;s overall positioning and identifies key challenges and enablers in meeting the 2026 deadline for EUDI Wallet deployment.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-strategy-to-implementation-eic26"><img src="https://www.kuppingercole.com//videothumb/from-strategy-to-implementation-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Selective Disclosure Is Not Enough]]></title>
			<link>https://www.kuppingercole.com/watch/selective-disclosure-is-not-enough-eic26</link>
			<guid>https://www.kuppingercole.com/watch/selective-disclosure-is-not-enough-eic26</guid>
			<description><![CDATA[ <p>EUDI wallets are moving from theory to production, but selective disclosure alone will not solve the harder problem of trust at scale. As wallet-based interactions begin to scale across organisations, relying parties will have to solve for more than credential acceptance: they need zero-knowledge proof, orchestration across old and new identity systems, resilient fallback when wallet journeys fail, and revocation-aware trust. This session examines the practical design choices that will separate real-world adoption from another standards success story.&nbsp;&nbsp;</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/selective-disclosure-is-not-enough-eic26"><img src="https://www.kuppingercole.com//videothumb/selective-disclosure-is-not-enough-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From EU Digital Identity Architecture to Real-World Services]]></title>
			<link>https://www.kuppingercole.com/watch/from-eu-digital-identity-architecture-to-real-world-services-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-eu-digital-identity-architecture-to-real-world-services-eic26</guid>
			<description><![CDATA[ <p>While the European Digital Identity Wallet framework is well defined on paper, real-world implementations are only beginning to emerge.<br />This talk shares practical experience from implementing real-world use case combining multiple partners, to provide end services based on the EUDI framework. It demonstrates how wallet-based interactions and verifiable credentials can support everyday use cases across organisational boundaries</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-eu-digital-identity-architecture-to-real-world-services-eic26"><img src="https://www.kuppingercole.com//videothumb/from-eu-digital-identity-architecture-to-real-world-services-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Cloud Signature Consortium and Wallet-based Signing]]></title>
			<link>https://www.kuppingercole.com/watch/cloud-signature-consortium-and-wallet-based-signing-eic26</link>
			<guid>https://www.kuppingercole.com/watch/cloud-signature-consortium-and-wallet-based-signing-eic26</guid>
			<description><![CDATA[ <p>See how digital wallets make document signing simple, secure, and accepted across borders. The session will cover what the standards mean in practice, real use cases, user-friendly journeys, and clear steps to pilot and scale in your organization.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/cloud-signature-consortium-and-wallet-based-signing-eic26"><img src="https://www.kuppingercole.com//videothumb/cloud-signature-consortium-and-wallet-based-signing-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[The Future of Passkeys and Digital Wallets: From Authentication to Credential Protection [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/the-future-of-passkeys-and-digital-wallets-eic26</link>
			<guid>https://www.kuppingercole.com/watch/the-future-of-passkeys-and-digital-wallets-eic26</guid>
			<description><![CDATA[ <p>Passkeys have proven themselves to be the most effective phishing-resistant authentication method at scale globally - but their potential now extends much further. What happens when this same model is applied to securing the future of digital identity wallets?&nbsp;<br /><br />As part of the revision of the EU common identity framework regulation, also known as eIDAS 2.0, EU Member States will all soon implement a new common structure for electronic credentials based on digital identity wallets. This includes the development of a European Digital Identity (EUDI) wallet.<br /><br />In this session, we will present the current state of digital identity wallets, what the future development looks like, and how passkeys (FIDO / WebAuthn) as open authentication standard for built-in and external devices will be used to secure digital identities moving forward. We&rsquo;ll highlight how these complement each other and look in the real-world by showcasing different ongoing large-scale EU pilots. Additionally, we will share how enterprises and governments can use passkeys to build strong trust in wallet deployments without compromising user experience.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/the-future-of-passkeys-and-digital-wallets-eic26"><img src="https://www.kuppingercole.com//videothumb/the-future-of-passkeys-and-digital-wallets-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Tensions in Wallet Provider Business Models - From an Ecosystem Perspective [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/tensions-in-wallet-provider-business-models-eic26</link>
			<guid>https://www.kuppingercole.com/watch/tensions-in-wallet-provider-business-models-eic26</guid>
			<description><![CDATA[ <p>What will be a viable and sustainable business model for digital wallet providers? The EU DIW ecosystem lays out the requirements for digital wallets (and wallet providers), but does not detail their business models. Non-eIDAS wallet providers are running business models in various other ecosystems, and some wallets are embedded in ecosystems. Will the business model of the eIDAS wallet provider be similar, what are the differences?&nbsp;<br />This presentation builds on academic research on the tensions in business models for digital wallet providers.&nbsp;<br />The presentation will highlight the ecosystems that are mentioned and their role, where the EU DIW digital identity ecosystem (from eIDAS, ARF and CIRs) is distinct from other (data exchange) ecosystems.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/tensions-in-wallet-provider-business-models-eic26"><img src="https://www.kuppingercole.com//videothumb/tensions-in-wallet-provider-business-models-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Are You Ready for Mythos? Protecting Identities and Access at the Speed of AI]]></title>
			<link>https://www.kuppingercole.com/watch/are-you-ready-for-mythos-eic26</link>
			<guid>https://www.kuppingercole.com/watch/are-you-ready-for-mythos-eic26</guid>
			<description><![CDATA[ <p>New AI models like Anthropic's Mythos are challenging the way organizations secure their environments, and especially their identities. AI-driven adversaries can now run entire cyber attacks, often using the same identity security gaps that human attackers have been exploiting for years, but in minutes instead of months. Technologies like PAM and IGA cannot handle the scale and complexity of these threats. Detection &amp; Response tools can't handle the speed. AI agents and AI adversaries require an urgent change in how we secure identities.</p>
<p>In this session, Hed Kovetz, CEO and Co-Founder of Silverfort, will share what he learned so far from real testing against Mythos, which defenses work and which break, and how Identity Security is evolving to leverage AI against AI without losing control. This includes new and important concepts like Autonomous Runtime Identity Security. Attendees will leave this session with the most updated knowledge about AI threats (with a focus on IAM), effective defense frameworks that they can bring to their companies, and facts that will help them drive urgency and action.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/are-you-ready-for-mythos-eic26"><img src="https://www.kuppingercole.com//videothumb/are-you-ready-for-mythos-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[A Blueprint for IAM in the Age of Al Agents]]></title>
			<link>https://www.kuppingercole.com/watch/a-blueprint-for-iam-in-the-age-of-ai-agents-eic26</link>
			<guid>https://www.kuppingercole.com/watch/a-blueprint-for-iam-in-the-age-of-ai-agents-eic26</guid>
			<description><![CDATA[ <p>Al agents are making decisions, executing actions, and representing organizations in ways that blur the line between human and machine authority. This session explores how to close the Al trust gap through governance, identity, and oversight frameworks that ensure every agent is authorized to do and accomplish only what is intended.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/a-blueprint-for-iam-in-the-age-of-ai-agents-eic26"><img src="https://www.kuppingercole.com//videothumb/a-blueprint-for-iam-in-the-age-of-ai-agents-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Unlocking Enterprise Productivity and Security - AI for Identity Security & Identity Security for AI]]></title>
			<link>https://www.kuppingercole.com/watch/unlocking-enterprise-productivity-and-security-eic26</link>
			<guid>https://www.kuppingercole.com/watch/unlocking-enterprise-productivity-and-security-eic26</guid>
			<description><![CDATA[ 				<br/><br/><a href="https://www.kuppingercole.com/watch/unlocking-enterprise-productivity-and-security-eic26"><img src="https://www.kuppingercole.com//videothumb/unlocking-enterprise-productivity-and-security-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Use Case to Misuse Cases: How Statewide Deployments will attract Fraud-Scenarios]]></title>
			<link>https://www.kuppingercole.com/watch/from-use-case-to-misuse-cases-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-use-case-to-misuse-cases-eic26</guid>
			<description><![CDATA[ <p>This keynote discusses the opportunities and challenges of deploying a nationwide digital identity solution, such as the EU's Identity Wallet initiative, which aims to provide accessible public and private services to all citizens, including those less digitally adept or physically challenged. It highlights the risks of fraud and misuse inherent in such systems, not due to technology itself but due to human behavior, device lifecycle issues, accessibility features, and limited public authority resources.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-use-case-to-misuse-cases-eic26"><img src="https://www.kuppingercole.com//videothumb/from-use-case-to-misuse-cases-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Building Trust at Scale: The Identity Security Fabric as the Foundation for the Agentic Enterprise]]></title>
			<link>https://www.kuppingercole.com/watch/building-trust-at-scale-eic26</link>
			<guid>https://www.kuppingercole.com/watch/building-trust-at-scale-eic26</guid>
			<description><![CDATA[ <p>As organizations embrace AI agents as core components of their digital workforce, traditional security approaches fall short. The Identity Security Fabric represents a paradigm shift - treating AI agents, human users, and connected systems as unified identities within a comprehensive security ecosystem.<br /><br />In this fireside chat, Raphael Bert from Accenture and Arkadiusz Krowczynski from Okta explore how enterprises can securely govern autonomous AI agents while maintaining developer velocity and operational agility. We'll dive into:<br /><br />- Why the Identity Security Fabric is critical for managing the "Agentic Enterprise" - where AI agents operate alongside human teams<br />- Accenture's approach to implementing unified identity governance across distributed AI workloads<br />- Practical strategies for giving developers secure-by-default foundations while enabling Security and IT teams to maintain visibility, control, and orchestration<br />- Real-world challenges in scaling AI agents responsibly: authentication, authorization, audit trails, and compliance<br /><br />Discover how converging identity, access, and security into a single fabric enables organizations to unlock AI's potential without compromising governance or trust.<br /><br /><strong>Key Focus Areas:</strong><br />- Identity Security Fabric as enabling technology<br />- Enterprise-scale AI agent governance<br />- Accenture's consulting perspective on implementation<br />- Developer enablement + security team control balance</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/building-trust-at-scale-eic26"><img src="https://www.kuppingercole.com//videothumb/building-trust-at-scale-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[To Bot or Not to Bot - Identity, Accountability & Governance in the Age of AI Agents]]></title>
			<link>https://www.kuppingercole.com/watch/to-bot-or-not-to-bot-eic26</link>
			<guid>https://www.kuppingercole.com/watch/to-bot-or-not-to-bot-eic26</guid>
			<description><![CDATA[ <p>AI agents are booking meetings, executing transactions, managing access, and making decisions on behalf of real people and organisations. Right now. But as we rush to delegate, a critical question goes unanswered: who is the agent, and who is responsible for what it does?</p>
<p>This keynote traces the identity and accountability crisis at the heart of the AI agent revolution through three fault lines:</p>
<p><strong>1. The Binding Problem</strong></p>
<p>An agent acting on your behalf needs a cryptographic identity, not your password. Yet in practice, most agent deployments still use credential delegation, the same model as a shared service account. We will examine the technical challenge of binding an agent's actions to a human mandate, and why current IAM infrastructure was never built for this.</p>
<p><strong>2. The Accountability Gap</strong></p>
<p>Anthropic's legal challenge over AI use in military applications without human oversight is not a US defence story. It is a preview of the accountability questions every enterprise will face. When an agent makes a decision with real consequences, who is liable? The vendor? The deployer? The human who authorised the agent? The agent itself? Current regulatory frameworks diverge sharply, and China's ban on synthetic AI relationships for minors shows how quickly the geopolitical landscape can shift.</p>
<p><strong>3. The Four-Question Framework</strong></p>
<p>You will leave with a practical assessment framework: is your organisation ready, legally, technically, and ethically, to say yes to the bot?</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/to-bot-or-not-to-bot-eic26"><img src="https://www.kuppingercole.com//videothumb/to-bot-or-not-to-bot-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Breaking Glass: Restoring my Digital Life]]></title>
			<link>https://www.kuppingercole.com/watch/breaking-glass-restoring-my-digital-life-eic26</link>
			<guid>https://www.kuppingercole.com/watch/breaking-glass-restoring-my-digital-life-eic26</guid>
			<description><![CDATA[ <p>Running the Death &amp; The Digital Estate Community Group (DADE CG) at the OpenID Foundation has had me thinking about a specific failure mode: what happens if I lose all my devices at once? The Valencia floods, Central European flooding across Austria, Poland, and beyond, and wildfires in Greece have made it clear: this isn't a theoretical risk.<br /><br />I'm an identity nerd. I've maintained a "break glass kit" for years securely stored where my wife and I can both access it. This is Schr&ouml;dinger&rsquo;s Break Glass Kit, it exists in a quantum state between perfectly engineered and catastrophically broken. I won't know until I open it.<br /><br />Starting from a freshly imaged Mac &mdash; no phone, no watch, no Yubikeys, no other devices &mdash; I will walk you through my personal break glass plan in practice. The questions I'm trying to answer:&nbsp;<br /><br />&bull;&nbsp; &nbsp; Can I successfully recover target systems?<br />&bull;&nbsp; &nbsp; Are there circular dependencies?<br />&bull;&nbsp; &nbsp; Are the break glass instructions executable by others if I am incapacitated?<br /><br />I'll cover the full arc from obtaining the physical assets, how I prioritized what to restore and when, and what I changed after going through the exercise. I'll close with practical guidance so you can build - and test - your own kit.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/breaking-glass-restoring-my-digital-life-eic26"><img src="https://www.kuppingercole.com//videothumb/breaking-glass-restoring-my-digital-life-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[When Authorisation Fails At Cloud Speed: Why Identity Needs A Control Plane, Not Just Login]]></title>
			<link>https://www.kuppingercole.com/watch/when-authorisation-fails-at-cloud-speed-eic26</link>
			<guid>https://www.kuppingercole.com/watch/when-authorisation-fails-at-cloud-speed-eic26</guid>
			<description><![CDATA[ <p data-start="432" data-end="681">In 2026, &ldquo;identity&rdquo; is no longer just about human login and static credentials. Cloud-native applications, automation, agents, and AI-driven services routinely execute privileged actions, often without explicit consent, oversight, or accountability.</p>
<p data-start="683" data-end="883">In this keynote, the argument is made that existing IAM/PAM frameworks were not designed for this reality. The consequence is not just complexity, but blind spots, shared secrets, and silent failures.</p>
<p data-start="885" data-end="1263">The session illustrates why authentication is not authorisation and why privileged access management as we knew it is obsolete. We&rsquo;ll introduce the concept of a dedicated authorisation control plane, one that enforces real-time, contextual decisions at the moment of action, treats all identities, human and non-human, the same, and ensures full auditability and accountability.</p>
<p data-start="1265" data-end="1515">Finally, the keynote explains how this approach is not a new buzzword or category label, but the only realistic path forward if companies need to manage identity risk and compliance reliably in a world of automation, microservices, and machine speed.</p>
<p data-start="1517" data-end="1710" data-is-last-node="" data-is-only-node="">Attendees will walk away with a clear understanding of the structural challenges in traditional access models and a practical vision for how to rebuild identity control for modern environments.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/when-authorisation-fails-at-cloud-speed-eic26"><img src="https://www.kuppingercole.com//videothumb/when-authorisation-fails-at-cloud-speed-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Thu, 21 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Scaling Enterprise Identity Programs in the AI Era]]></title>
			<link>https://www.kuppingercole.com/watch/scaling-enterprise-identity-programs-in-the-ai-era-eic26</link>
			<guid>https://www.kuppingercole.com/watch/scaling-enterprise-identity-programs-in-the-ai-era-eic26</guid>
			<description><![CDATA[ <p>AI agents are blurring the lines between human and machine identity, requiring real-time authorization decisions across distributed systems while maintaining full auditability and compliance. Join us to learn how identity practitioners are scaling their programs to support agentic AI workloads, addressing critical concerns around identity provenance, autonomous resource governance, and carrying identity context across complex agent chains.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/scaling-enterprise-identity-programs-in-the-ai-era-eic26"><img src="https://www.kuppingercole.com//videothumb/scaling-enterprise-identity-programs-in-the-ai-era-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[AI Acceleration of Connectors – Myth and Reality]]></title>
			<link>https://www.kuppingercole.com/watch/ai-acceleration-of-connectors-eic26</link>
			<guid>https://www.kuppingercole.com/watch/ai-acceleration-of-connectors-eic26</guid>
			<description><![CDATA[ <p>The effectiveness of an Identity Fabric depends on the breadth of its integration. Yet connector development remains one of the most persistent bottlenecks in IGA programs &ndash; consuming significant development effort, delaying governance coverage, and leaving a growing tail of systems outside active identity management.</p>
<p>In this session, we will examine how AI can expedite substantial parts of the connector development lifecycle: processing API specifications, generating provisioning and reconciliation logic, handling authentication flows, and encoding business rules expressed in natural language.</p>
<p>The session takes a balanced view, exploring where AI-assisted connector development is already practical, where it is still maturing, and what validation and oversight practices organizations should maintain around AI-generated integration code.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/ai-acceleration-of-connectors-eic26"><img src="https://www.kuppingercole.com//videothumb/ai-acceleration-of-connectors-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Buzzword to Reality: Identity Security Requires an IAM Services Thinking]]></title>
			<link>https://www.kuppingercole.com/watch/from-buzzword-to-reality-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-buzzword-to-reality-eic26</guid>
			<description><![CDATA[ <p>Identity Security is not like IAM. First in this session, we will clarify terminology: IAM, Identity Security, Digital Identity, Cybersecurity, etc. &ndash; where are the overlaps, where are the specifics? Following that, we will dig deeper into what Identity Security requires from an organization and why a traditional (legacy) IAM organization is not sufficient anymore.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-buzzword-to-reality-eic26"><img src="https://www.kuppingercole.com//videothumb/from-buzzword-to-reality-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[CISO Council PANEL: Identity at the Epicenter: Why AI Makes It the Most Critical Control in Security]]></title>
			<link>https://www.kuppingercole.com/watch/ciso-council-panel-identity-at-the-epicenter-eic26</link>
			<guid>https://www.kuppingercole.com/watch/ciso-council-panel-identity-at-the-epicenter-eic26</guid>
			<description><![CDATA[ <p>AI is making identity the new frontline of cybersecurity. Deepfakes, hyper-personalized phishing, non-human identities, and autonomous agents are forcing CISOs to rethink access, trust, and control. This panel explores why identity has become the centerpiece of modern security strategy and how leaders are adapting in practice.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/ciso-council-panel-identity-at-the-epicenter-eic26"><img src="https://www.kuppingercole.com//videothumb/ciso-council-panel-identity-at-the-epicenter-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[The Laws of AIdentity]]></title>
			<link>https://www.kuppingercole.com/watch/the-laws-of-aidentity-eic26</link>
			<guid>https://www.kuppingercole.com/watch/the-laws-of-aidentity-eic26</guid>
			<description><![CDATA[ <p>Every governance framework the identity community has built for AI agents answers the same question: should this agent be allowed to run? Registration policies, approval workflows, capability inventories - all of it evaluates the agent before it acts. And all of it shares the same blind spot.</p>
<p>OpenClaw made that blind spot visible overnight. Over 42,000 unprotected gateways. Plaintext credentials. No audit trail. But the real lesson of OpenClaw isn't that ungoverned agents are dangerous - we knew that. It's that governance at registration time can't help you at execution time. Even an agent that passed every onboarding check can chain tools in an unplanned sequence, act on stale delegated authority, or follow a prompt injection into a privilege escalation - all within policy, all within a single turn.</p>
<p>The missing layer isn't a new proprietary control plane. It's something the identity community already knows how to build: runtime authorization. Per-action policy evaluation at the moment an operation is attempted, and per-query control over what an agent can even discover. OpenID AuthZEN gives us the right primitives - evaluation APIs for real-time access decisions, search APIs for scoped discovery - applied to software actors that improvise. The patterns are familiar: PEP, PDP, obligations, evidence. The actor is new.</p>
<p>In this keynote, I'll demonstrate what runtime agent authorization looks like in practice: an agent stopped mid-action by policy and held until a human decides, a signed execution envelope that separates request from control, and an evidence chain that gives auditors cryptographic proof rather than reconstructed logs.</p>
<p>I'll also cover the tradeoffs honestly - where runtime evaluation adds latency, where it constrains autonomy, and why the answer isn't to authorize everything equally but to know which actions demand hard control and which can remain fluid.</p>
<p>If you're building with agents, securing them, or trying to move from guardrails to standards-based runtime control - this is the twenty minutes that reframes the question identity teams should be solving now.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/the-laws-of-aidentity-eic26"><img src="https://www.kuppingercole.com//videothumb/the-laws-of-aidentity-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Rethinking Identity in the Age of Resilience]]></title>
			<link>https://www.kuppingercole.com/watch/rethinking-identity-in-the-age-of-resilience-eic26</link>
			<guid>https://www.kuppingercole.com/watch/rethinking-identity-in-the-age-of-resilience-eic26</guid>
			<description><![CDATA[ <p>Organisations are dealing with many external factors, ranging from geopolitical uncertainty to the introduction of (agentic) AI, rapid changes in the workforce, as well as threat adversaries that are becoming more active and creative. Amidst this all, due to the digitalization agenda of organisations, Identity security have become front and center in many of these topics.</p>
<p>Again it is time to re-think how we approach our profession going forward.</p>
<p>Ivo will share his observations from his experience working with public and private organisations on this topic, with the aim to give you some things to think about on your way home on what you can do differently to become better equipped with helping your organization success in this era of resilience.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/rethinking-identity-in-the-age-of-resilience-eic26"><img src="https://www.kuppingercole.com//videothumb/rethinking-identity-in-the-age-of-resilience-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: I Know You Got Soul: Do We Treat AI Agents As Quasi-Human Entities Or Intricately Coded Computer Programs? What Are The Implications For Security And Identity?]]></title>
			<link>https://www.kuppingercole.com/watch/panel-i-know-you-got-soul-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-i-know-you-got-soul-eic26</guid>
			<description><![CDATA[ <p>As AI agents grow more autonomous - booking travel, executing transactions, acting on our behalf across digital systems - a fundamental question emerges: do we treat them as quasi-human entities deserving of trust, identity, and even rights, or as sophisticated programs to be controlled, audited, and constrained? The answer is far from academic. How we frame AI agents shapes the security models we build, the identity architectures we deploy, the liability frameworks we establish, and the attack surfaces we expose. This panel explores the tension between these two worldviews, interrogating the assumptions behind our current approaches and asking what is truly at stake as agents become more capable, more embedded, and harder to distinguish from the humans they represent.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-i-know-you-got-soul-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-i-know-you-got-soul-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Beyond Authentication: Enforcing Trust Across Human and Non‑Human Identities]]></title>
			<link>https://www.kuppingercole.com/watch/beyond-authentication-enforcing-trust-across-human-eic26</link>
			<guid>https://www.kuppingercole.com/watch/beyond-authentication-enforcing-trust-across-human-eic26</guid>
			<description><![CDATA[ <p>Digital transformation has accelerated the growth of identities - and with it the expansion of the enterprise attack surface. Today&rsquo;s organisations rely on an increasingly diverse set of human and non-human identities originating from many sources: Entra ID for SaaS, federated domains created through mergers and acquisitions, partner and supplier ecosystems, service accounts, API integrations, IoT devices, workloads, automation tools, and increasingly autonomous AI agents operating across cloud and on-prem environments. Every optimisation or digitalisation initiative introduces additional actors that must be consistently authenticated and authorised.</p>
<p>But identity proliferation doesn&rsquo;t just introduce complexity. When applications directly rely on external identity providers - whether from SaaS platforms, multi‑cloud setups, partner ecosystems, or post‑merger domains - trust begins to spread far beyond its intended boundary. This increases blast radius whenever a credential is compromised or a provider is misconfigured.</p>
<p>In this session, I demonstrate how OAuth Token Exchange offers a standards‑based pattern to decouple identity origin from trust enforcement. By issuing context‑aware, boundary‑scoped tokens, organisations can enforce identity consistently and reduce risk across internal domains - regardless of where the identity was created.</p>
<p><strong>Key Message</strong></p>
<p>The architectural approach applies equally to on‑prem systems, multi‑cloud deployments, and federated organisations.</p>
<p><strong>Call to Action</strong></p>
<p>We cannot control where identities are created &mdash; but we can control how, where, and under what conditions trust is applied.</p>
<p>If identity enforcement still lives inside your applications, you are scaling complexity and risk. Let&rsquo;s talk about how to centralise trust - not vulnerabilities.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/beyond-authentication-enforcing-trust-across-human-eic26"><img src="https://www.kuppingercole.com//videothumb/beyond-authentication-enforcing-trust-across-human-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Governing AI Agents Within the Enterprise]]></title>
			<link>https://www.kuppingercole.com/watch/governing-ai-agents-within-enterprise-eic26</link>
			<guid>https://www.kuppingercole.com/watch/governing-ai-agents-within-enterprise-eic26</guid>
			<description><![CDATA[ <p>By mid-2026, the ratio of non-human to human identities will reach a critical tipping point. The rise of Agentic AI - autonomous systems capable of orchestrating workflows and accessing sensitive data without a human in the loop - renders traditional IAM models obsolete. We are no longer securing tools. We are governing digital employees.</p>
<p>This session offers a comprehensive view on integrating autonomous agents into a modern Identity Fabric. We move beyond static authorizations and over-privileged service accounts toward a model of Continuous Adaptive Trust, where every identity, human or machine, earns access through context, intent, and policy.</p>
<p>Participants will explore a blueprint for:</p>
<ul type="disc" data-editing-info="{">
<li>Identity Attribution: Establishing a framework that ties every agentic action back to a human principal and a specific intent, ensuring full traceability across the identity graph.</li>
<li>Policy-Based Access: Transitioning from static roles to dynamic, policy-based access for autonomous workloads, aligned with least privilege and Zero Standing Privileges.</li>
<li>IAM and GRC Convergence: Treating the fusion of identity governance and compliance as the accelerator for a truly governed and audit-ready enterprise identity ecosystem.</li>
</ul>				<br/><br/><a href="https://www.kuppingercole.com/watch/governing-ai-agents-within-enterprise-eic26"><img src="https://www.kuppingercole.com//videothumb/governing-ai-agents-within-enterprise-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[When Regulation Meets Reality: Running Non-Human Identity at Scale]]></title>
			<link>https://www.kuppingercole.com/watch/when-regulation-meets-reality-eic26</link>
			<guid>https://www.kuppingercole.com/watch/when-regulation-meets-reality-eic26</guid>
			<description><![CDATA[ <p>Digital identity is rapidly becoming regulated infrastructure across Europe. As NIS2, DORA, CRA, GDPR and eIDAS 2.0 raise expectations for resilience, crypto controls, and accountability, many organizations are finding the hardest part isn&rsquo;t the policy, it&rsquo;s making it work at scale across real IT and operational environments.</p>
<p>At the same time, non-human identities, from certificates, keys, workloads, APIs, devices to autonomous agents, are multiplying fast and quietly expanding the attack surface.</p>
<p>Join this presentation to get a clear set of patterns you can apply to reduce outages and risk while staying ready for audits and the next wave of regulation.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/when-regulation-meets-reality-eic26"><img src="https://www.kuppingercole.com//videothumb/when-regulation-meets-reality-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Backup-Jobs to AI-Agents - a practical approach to Non-Human-Identities (NHI)]]></title>
			<link>https://www.kuppingercole.com/watch/from-backup-jobs-to-ai-agents-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-backup-jobs-to-ai-agents-eic26</guid>
			<description><![CDATA[ <p>Which NHI is used where, for what purpose and who is responsible is a non-trivial problem regarding your own data centre. The challenge becomes truly exciting when AI scenarios come into play. The presentation will introduce a model that allows you to gain control over non-human identities, which meets requirements that go beyond pure technical interoperability.</p>
<p>Key Topics:</p>
<ul>
<li>A practical definition of terms</li>
<li>Actors and Usecases in NHI environments</li>
<li>Agentic AI-Hype and practical effects</li>
<li>NHI as cyber security threats and agentic AI as fire accelerant</li>
<li>Useful building blocks and missing parts for modern NHI</li>
</ul>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-backup-jobs-to-ai-agents-eic26"><img src="https://www.kuppingercole.com//videothumb/from-backup-jobs-to-ai-agents-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Desktop to AI: Orchestrating the New Identity Perimeter]]></title>
			<link>https://www.kuppingercole.com/watch/from-desktop-to-ai-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-desktop-to-ai-eic26</guid>
			<description><![CDATA[ <p>The traditional enterprise perimeter has been replaced by a dynamic and fractured edge, defined by two critical and often-unsecured domains: the user's physical desktop and the autonomous AI agent. This session presents a forward-thinking, architectural blueprint for unifying and securing this new identity perimeter.</p>
<p>We will begin by tackling the foundational challenge of device trust. We will argue that authenticating a user is no longer sufficient; true zero trust requires binding identity to a verifiably secure device before the first access request is ever made. We will explore a strategy for extending phishing-resistant, passwordless authentication directly to the desktop login, and discuss the architectural principles for continuously assessing device trust by integrating rich context and signals from the endpoint security ecosystem.</p>
<p>With this foundation of physical device trust established, we will pivot to the next frontier: the autonomous workforce. We'll outline a strategy for securing AI-powered workflows by moving beyond static secrets and service accounts. The discussion will focus on the principles of discovering and governing non-human and AI identities, and the critical need for an identity fabric that can orchestrate ephemeral, just-in-time access for these autonomous agents.</p>
<p>Attendees will leave with a cohesive, strategic framework for building a security posture that is prepared for the challenges of today and the identity-centric realities of an AI-driven tomorrow.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-desktop-to-ai-eic26"><img src="https://www.kuppingercole.com//videothumb/from-desktop-to-ai-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Bridging the Gap - Verified Trust for All Identities]]></title>
			<link>https://www.kuppingercole.com/watch/bridging-the-gap-verified-trust-for-all-identities-eic26</link>
			<guid>https://www.kuppingercole.com/watch/bridging-the-gap-verified-trust-for-all-identities-eic26</guid>
			<description><![CDATA[ <p>As AI agents, deepfakes, and automated attacks outpace traditional IAM, organisations face a widening identity trust gap. Drawing on Ping Identity&rsquo;s State of Trust research, this session examines how to move from static authentication to continuous, verified trust - helping security leaders assess their current posture and apply practical, risk-adaptive IAM patterns over the next 12&ndash;24 months.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/bridging-the-gap-verified-trust-for-all-identities-eic26"><img src="https://www.kuppingercole.com//videothumb/bridging-the-gap-verified-trust-for-all-identities-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[For AI Intents and Purposes]]></title>
			<link>https://www.kuppingercole.com/watch/for-ai-intents-and-purposes-eic26</link>
			<guid>https://www.kuppingercole.com/watch/for-ai-intents-and-purposes-eic26</guid>
			<description><![CDATA[ <p>Since the beginning of space exploration, countries have raced to put objects into Earth&rsquo;s orbit, providing us with telecommunications, GPS services, weather tracking, and contributing to science in ways we can only imagine. But after decades of uncontrolled launches, space has also become increasingly more congested, with over 48,900 different objects currently circling the earth.&nbsp; These objects that represent risk to humans both in space and on the ground, the &ldquo;ethical debt&rdquo; of rushing to exploit this untapped resource without proper foresight or proper controls.</p>
<p>The core of this growing problem is purpose or "intent"; objects deemed beneficial should be allowed, and harmful ones eliminated. But the calculation of intent is not always so straightforward. Who launched the object? What was its original stated purpose? Who currently controls or owns the object? And how do we validate these claims?</p>
<p>The adoption of agentic AI presents a similar problem for identity. Access controls and real-time governance of automated actors depend on an analogous understanding of intent. Purpose, creation, ownership, operation&mdash;these are all factors in the calculation of the purpose of an agent's activity and actions. While calculation of intent is (at times) relatively straightforward, it's more often a rapidly evolving, challenging operation.</p>
<p>We'll learn lessons from what space exploration has gotten right (and horribly wrong) as it seeks to evaluate intent and seek to apply that insight to the current frontiers of identity.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/for-ai-intents-and-purposes-eic26"><img src="https://www.kuppingercole.com//videothumb/for-ai-intents-and-purposes-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Intersection of Artificial Intelligence (AI) and its' impact on Cybersecurity]]></title>
			<link>https://www.kuppingercole.com/watch/intersection-of-artificial-intelligence-and-its-impact-on-cybersecurity-eic26</link>
			<guid>https://www.kuppingercole.com/watch/intersection-of-artificial-intelligence-and-its-impact-on-cybersecurity-eic26</guid>
			<description><![CDATA[ <p>In this session, we will explore the critical intersection of Artificial Intelligence (AI) and impact on cybersecurity. You&rsquo;ll gain insights into what AI Security entails, the Security AI Framework, and the various AI Security models shaping today&rsquo;s landscape. We will examine the key threats and risks associated with AI, and discuss practical strategies to mitigate these challenges through robust security capabilities. We&rsquo;ll also examine how AI Security reshapes Identity and Access Management (IAM), and what steps organizations can take to stay resilient in this rapidly changing security landscape.</p>
<p>Key Takeaways:</p>
<ul>
<li>Understand the fundamentals of AI Security and why it matters.</li>
<li>Learn about the Security AI Framework and AI Security models.</li>
<li>Identify common threats and risks in AI systems.</li>
<li>Discover mitigation strategies and security capabilities to safeguard AI.</li>
<li>Explore the impact of AI Security on IAM and how to adapt your identity strategy.</li>
</ul>				<br/><br/><a href="https://www.kuppingercole.com/watch/intersection-of-artificial-intelligence-and-its-impact-on-cybersecurity-eic26"><img src="https://www.kuppingercole.com//videothumb/intersection-of-artificial-intelligence-and-its-impact-on-cybersecurity-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From SAP IDM to Identity Resilience: Modern Architecture and Governance in the Age of AI [Advanced]]]></title>
			<link>https://www.kuppingercole.com/watch/from-sap-idm-to-identity-resilience-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-sap-idm-to-identity-resilience-eic26</guid>
			<description><![CDATA[ <p>As organisations phase out legacy platforms like SAP IDM, identity is shifting from operational administration to strategic resilience. In an era defined by cloud transformation, non-human identities, regulatory pressure, and AI-driven automation, identity architecture and governance must evolve.</p>
<p>This session explores how to modernise legacy IAM environments into resilient, future-ready identity ecosystems. We will discuss architectural decisions, governance models, and measurable outcomes that matter to both business and technical stakeholders &mdash; from reducing risk and improving compliance to enabling agility and innovation.</p>
<p>Attendees will gain practical insights into building identity resilience that supports security, regulatory requirements, and long-term digital strategy.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-sap-idm-to-identity-resilience-eic26"><img src="https://www.kuppingercole.com//videothumb/from-sap-idm-to-identity-resilience-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Make or Buy - Why just another software isn't the future of IAM at Schwarz]]></title>
			<link>https://www.kuppingercole.com/watch/make-or-buy-eic26</link>
			<guid>https://www.kuppingercole.com/watch/make-or-buy-eic26</guid>
			<description><![CDATA[ <p>At Schwarz, we are used to large numbers. More than 150 billion revenue, more than 650.000 employees, 32 countries, different divisions, our own hyperscaler cloud and so on and so forth. For our workforce IAM, this means a lot of work. 850.000 identities to manage and govern, 25.000 off- and on-boardings every month, 5 million authentications per day and approximately 150 Million identity related events per day. For years we have been struggling with vendor software, adapting heavy customizing, huge investments into infrastructure and increasing complexity of simple tasks to unmanageable systems. So we asked ourselves - is the way forward just another software, or is a more radical approach needed. At Schwarz, our identities belong to us!</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/make-or-buy-eic26"><img src="https://www.kuppingercole.com//videothumb/make-or-buy-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[On Beyond OAuth: Adapting Security to a Dynamic World]]></title>
			<link>https://www.kuppingercole.com/watch/on-beyond-oauth-eic26</link>
			<guid>https://www.kuppingercole.com/watch/on-beyond-oauth-eic26</guid>
			<description><![CDATA[ <p>When OAuth 1.0 was invented in the mid-2000's, a native application meant something running on a desktop and websites did not always have APIs. And when they did, you could just replay someone's password to authenticate with HTTP Basic like we always had from the web's early days. But OAuth came and showed the world a better way, and OAuth 2.0 refined that model and cemented the protocol family as the core delegation protocol for nearly everything online. Its core model of connecting one website to another for delegated access has served it well, and OAuth has been successfully extended into related fields like identity (with OpenID Connect) and high assurance (with FAPI).</p>
<p>But now we're 20 years past those early days and the has changed drastically along with every part of life that's now connected to it. Today, machine identities and AI agents are questioning the fundamental model of OAuth in ways we've never seen. OAuth has proven to be incredibly flexible in the past, and new extensions are being proposed to bring it into this new world. At the same time, alternatives have been proposed that have started to take root in some spaces. Are we on the verge of a new world?</p>
<p>Come to this talk to learn about how OAuth is changing, and how our views of security are forcing re-evaluation of contexts and assumptions that have served the internet well for decades.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/on-beyond-oauth-eic26"><img src="https://www.kuppingercole.com//videothumb/on-beyond-oauth-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Worth the pain? IAM Transformation under carve-out pressure [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/worth-the-pain-iam-transformation-eic26</link>
			<guid>https://www.kuppingercole.com/watch/worth-the-pain-iam-transformation-eic26</guid>
			<description><![CDATA[ <p>Learn how Daimler Truck took the opportunity given by carve out from Mercedes-Benz to transform their IAM Landscape and shaped Infrastructure for the whole company by setting up a state-of-the-art IGA centric solution with non-hybrid approach while transforming Applications, Clients, and Identities.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/worth-the-pain-iam-transformation-eic26"><img src="https://www.kuppingercole.com//videothumb/worth-the-pain-iam-transformation-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Redefining Application Governance: How Munich Re Unites IAM Strategy and Application Onboarding for the Next Era of IGA [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/redefining-application-governance-eic26</link>
			<guid>https://www.kuppingercole.com/watch/redefining-application-governance-eic26</guid>
			<description><![CDATA[ <p>DORA authorization concepts often exist in silos - disconnected from broader IAM and IGA strategies, creating friction and risk. Munich Re is transforming this paradigm through a unified governance approach that strategically connects application onboarding, IAM systems, and AI-driven insights.<br /><br />This session explores how Munich Re consolidates multiple IGA and authorization concept platforms, integrates Segregation of Duties (SoD) controls, and applies AI to assess and improve governance quality. The result is a scalable governance model that bridges architecture, compliance, and automation - turning fragmented documentation into a dynamic foundation for digital trust and strategic agility. The session will also outline the target architecture vision and provide insights into the practical implementation journey at an operational level.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/redefining-application-governance-eic26"><img src="https://www.kuppingercole.com//videothumb/redefining-application-governance-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Evolving a Legacy IGA Solution to make it the Pillar of the Identity Fabric [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/evolving-a-legacy-iam-solution-eic26</link>
			<guid>https://www.kuppingercole.com/watch/evolving-a-legacy-iam-solution-eic26</guid>
			<description><![CDATA[ <p>This is the time for the companies to start designing and building the identity fabric, integrating several identity and access management solutions to bring security and business value capabilities in a joint manner. However, it is not always easy to find a business case to replace a traditional IGA solution with a new brand SaaS IGA, then there is no other option rather to evolve what you have in order to ensure it plays the expected role in the Identity fabric. So, in this session, i will be sharing and showcasing how to evolve a legacy IGA platform at the level to be the pillar of the identity fabric.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/evolving-a-legacy-iam-solution-eic26"><img src="https://www.kuppingercole.com//videothumb/evolving-a-legacy-iam-solution-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Fragmented to Autonomous: Building an Identity Governance Strategy for the Cloud and AI Era [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/from-fragmented-to-autonomous-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-fragmented-to-autonomous-eic26</guid>
			<description><![CDATA[ <p>Identity is the breach. 90% of incident response investigations trace back to an identity weakness, and the containment window is shrinking.</p>
<p>Praerit Garg has been building identity and access systems since before most enterprises knew they needed them, starting at Microsoft in the early days of directory services and spending decades since at the intersection of cloud scale and enterprise security. He has a point of view on where this is going, and it isn't flattering to the status quo.</p>
<p>This session maps the maturity journey from fragmented point solutions to autonomous, self-healing access governance, and makes the case that getting there is a strategic decision, not a procurement one.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-fragmented-to-autonomous-eic26"><img src="https://www.kuppingercole.com//videothumb/from-fragmented-to-autonomous-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Configuration to Intent: How AI-Driven Design Studios Are Transforming Identity Governance [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/from-configuration-to-intent-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-configuration-to-intent-eic26</guid>
			<description><![CDATA[ <p>Identity Governance programs continue to demand deep customization, extensive configuration, and constant redesign&mdash;placing significant burden on IAM designers and delivery teams. In this session, we introduce Tuebora&rsquo;s AI-powered IGA Design Studio, a new approach that allows practitioners to translate business intent directly into governed, reusable identity artifacts across joiner/mover/leaver flows, access reviews, policies, and integrations. Attendees will see how AI-assisted design, validation, and deployment dramatically reduce manual effort while preserving auditability, governance controls, and vendor-specific precision. We will also explore real-world use cases including redesign, reuse, and migration of identity configurations&mdash;traditionally some of the most time-consuming activities in IAM. The session concludes with a practical view of how AI can elevate the role of IAM designers from configuration specialists to true governance architects.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-configuration-to-intent-eic26"><img src="https://www.kuppingercole.com//videothumb/from-configuration-to-intent-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Digital IAM Governance for BMW Group - Establishing Automated Evidence and Documentation at Enterprise Scale [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/digital-iam-governance-for-bmw-group-eic26</link>
			<guid>https://www.kuppingercole.com/watch/digital-iam-governance-for-bmw-group-eic26</guid>
			<description><![CDATA[ <p>In large-scale enterprises, IAM governance is evolving from static documentation towards dynamic, automated assurance. At BMW Group, the Digital IAM Governance initiative redefines how compliance, transparency, and operational efficiency can be achieved in complex IT environments.<br />&nbsp;<br />The project focuses on creating a fully digitalized and workflow-driven IAM documentation and evidence framework. This approach ensures that access concepts, roles, and entitlements are consistently defined, validated, and auditable across the organization. By end-to-end integrating governance processes, policy controls and data from various systems, BMW builds a foundation for continuous compliance and real-time traceability of identity-related decisions.<br />&nbsp;<br />In this session, BMW Group will share its strategic vision and practical experiences in transforming IAM governance into a fully digital, automated process. The presentation will explore key design principles, organizational challenges, and lessons learned on the journey towards faster, simpler, and more secure IAM governance across the enterprise.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/digital-iam-governance-for-bmw-group-eic26"><img src="https://www.kuppingercole.com//videothumb/digital-iam-governance-for-bmw-group-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[How To Prepare For Digital Wallets – In Perspective Of Population Registration [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/how-to-prepare-for-digital-wallets-eic26</link>
			<guid>https://www.kuppingercole.com/watch/how-to-prepare-for-digital-wallets-eic26</guid>
			<description><![CDATA[ <p>Marianne Henriksen will address the importance of an holistic identity management. The Norwegian Tax Administration have two roles in this, both as the owner of the Population Registry, and as a user of digital identity according to tax related services. The presentation will focus on how digital wallets can be used to access digital services for both residents and non-residents, and the possibility for fraud prevention. The challenges and importance of building an infrastructure that are sustainable and credible according to the use of governmental purposes will be in focus in her presentation. To ensure trust there is a need to find a solution where everyone can be included and at the same time take the fraud and identity- theft in to consider. How to find this balance?&rdquo;</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/how-to-prepare-for-digital-wallets-eic26"><img src="https://www.kuppingercole.com//videothumb/how-to-prepare-for-digital-wallets-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[GDPR Is Only as Strong as Your IAM: Turning Compliance into Control]]></title>
			<link>https://www.kuppingercole.com/watch/gdpr-is-only-as-strong-as-your-iam-eic26</link>
			<guid>https://www.kuppingercole.com/watch/gdpr-is-only-as-strong-as-your-iam-eic26</guid>
			<description><![CDATA[ <p>Identity and Access Management is one of the most effective tools we have to enforce GDPR and cross‑border compliance in practice.</p>
<p>When personal data can be accessed from multiple countries, systems, or service providers, the ability to control <i>who has access</i>, <i>to what</i>, and <i>under which conditions</i> becomes critical. GDPR requires that access to personal data is limited, auditable, and proportional - and IAM is how we make that real.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/gdpr-is-only-as-strong-as-your-iam-eic26"><img src="https://www.kuppingercole.com//videothumb/gdpr-is-only-as-strong-as-your-iam-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Respecting Privacy Across Jurisdictional Boundaries]]></title>
			<link>https://www.kuppingercole.com/watch/respecting-privacy-across-jurisdictional-boundaries-eic26</link>
			<guid>https://www.kuppingercole.com/watch/respecting-privacy-across-jurisdictional-boundaries-eic26</guid>
			<description><![CDATA[ <p>Some verifiable digital credentials (such as mDL) are intended for use across jurisdictional boundaries.&nbsp; Regulatory privacy protections often do not apply to data released to relying parties in a different jurisdiction.&nbsp; This session will explore the challenges faced by the cross-jurisdictional use of digital credentials.&nbsp; This session will also discuss solutions to this conundrum, including the work of the Kantara Privacy Enhancing Mobile Credentials (PEMC) group.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/respecting-privacy-across-jurisdictional-boundaries-eic26"><img src="https://www.kuppingercole.com//videothumb/respecting-privacy-across-jurisdictional-boundaries-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: Designing European AI Agency: How Sovereign Intelligence Can Still Be Built]]></title>
			<link>https://www.kuppingercole.com/watch/panel-designing-european-ai-agency-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-designing-european-ai-agency-eic26</guid>
			<description><![CDATA[ <p>Europe has spent the last decade defining rules for the digital age; the next decade must be about building capability. As AI systems increasingly shape identity, administration, markets, and public decision-making, sovereignty can no longer be an afterthought&mdash;it must be designed into architectures, infrastructures, and governance models from the outset. This panel brings together academic insight, entrepreneurial practice, and ecosystem perspectives to explore how Europe can move from regulatory leadership to operational AI agency. We argue that digital identity, cloud, and AI form a single strategic system&mdash;and that Europe is still well positioned to shape it. The discussion focuses on concrete pathways to build a European future with sovereign, competitive, and globally relevant AI capacity.</p>
<p><strong>Some of the discussion points</strong></p>
<ul type="disc" data-editing-info="{">
<li>From regulation to construction: what European AI agency actually requires</li>
<li>Building sovereign AI without sacrificing openness, innovation, or global cooperation</li>
<li>Beyond consumer-scale models: Why Europe&rsquo;s comparative advantage in AI is likely to emerge in physical AI and industrial-grade systems rooted in manufacturing, robotics, and embedded intelligence.</li>
</ul>				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-designing-european-ai-agency-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-designing-european-ai-agency-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[365 Days of Change: Why European IAM Matters Now [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/365_day_of_change-eic26</link>
			<guid>https://www.kuppingercole.com/watch/365_day_of_change-eic26</guid>
			<description><![CDATA[ <p>Over the past year, Europe has made significant strides toward digital sovereignty, both politically and technologically. This talk examines the key developments in Identity &amp; Access Management (IAM), from regulatory milestones like eIDAS 2 and NIS2 to innovations in privacy-by-design architectures and federated cloud models. Participants will learn why European IAM solutions are increasingly trustworthy, how organizations can leverage them, and how IAM leaders can turn digital sovereignty into a strategic advantage that balances innovation, compliance, and security.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/365_day_of_change-eic26"><img src="https://www.kuppingercole.com//videothumb/365_day_of_change-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Lessons Learned: Migrating a legacy on-prem PAM environment into a modern cloud native solution [Advanced]]]></title>
			<link>https://www.kuppingercole.com/watch/lessons-learned-migrating-legacy-on-prem-pam-environment-eic26</link>
			<guid>https://www.kuppingercole.com/watch/lessons-learned-migrating-legacy-on-prem-pam-environment-eic26</guid>
			<description><![CDATA[ <p>Mercedes has been using and adopting its legacy on-prem PAM system for many years, managing more than 10.000 privileged users and 200.000 accounts. Being an early adopter in the PAM space has delivered many benefits but also had the caveat that the underlying tech stack has still been the same. The decision has been taken to migrate this critical system into a new, modern cloud solution, which enables Mercedes to leverage new features, reduce cost and react faster to the fast-changing requirements.<br />This talk will provide an overview about the migration project, challenges which appeared as well as discuss lessons learned.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/lessons-learned-migrating-legacy-on-prem-pam-environment-eic26"><img src="https://www.kuppingercole.com//videothumb/lessons-learned-migrating-legacy-on-prem-pam-environment-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[German Creativity, Italian Precision, Danish Clutter: Subverting Stereotypes in Partner IAM [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/german-creativity-italian-precision-danish-clutter-eic26</link>
			<guid>https://www.kuppingercole.com/watch/german-creativity-italian-precision-danish-clutter-eic26</guid>
			<description><![CDATA[ <p>Partner Identity and Access Management, aka B2B IAM, remains one of the most overlooked areas in digital ecosystems. In the hands of the right, commercially minded digital team, it can be truly transformative.<br /><br />In this conversation, Olaf Grewe (National Australia Bank), Jerome Tosterson (Salling Group), and Marco Venuti (Thales) challenge assumptions and share lessons from three complementary perspectives: financial institutions, retail supplier ecosystems, and identity solution providers.<br /><br />The session explores common blind spots in IAM design, including how scale and partner diversity are often underestimated; the role of organizational validation,&nbsp; third-party authentication trust; and how flexible delegation and authorization models can evolve from static to runtime and even event-driven contexts.<br /><br />Expect sharp insights, cultural humor, and pragmatic takeaways that show how &ldquo;improper&rdquo; problem-solving, blending creativity, precision, and a touch of Danish clutter, can lead to more resilient and scalable approaches to B2B identity.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/german-creativity-italian-precision-danish-clutter-eic26"><img src="https://www.kuppingercole.com//videothumb/german-creativity-italian-precision-danish-clutter-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Future-Ready CIAM in Practice: Turning Security and UX into Shared Guardrails in a Multi-Brand Environment]]></title>
			<link>https://www.kuppingercole.com/watch/future-ready-ciam-in-practice-eic26</link>
			<guid>https://www.kuppingercole.com/watch/future-ready-ciam-in-practice-eic26</guid>
			<description><![CDATA[ <p>Managing digital identities at scale is a major challenge for telecommunications providers. Large customer bases, increasing security threats, strict regulatory requirements, and complex multi-brand environments create significant pressure on identity systems.</p>
<p>In this session, Bare.ID and congstar share how they modernized their CIAM landscape to support more than 7 million customer identities across multiple brands. Instead of treating security and user experience as trade-offs, they established both as key guiding principles to create a reliable, user-centric login experience. A key part of this journey was the shift to passwordless login using Passkeys &ndash; turning secure login into an almost invisible experience while significantly strengthening protection behind the scenes.</p>
<p>The session highlights the real-world challenges behind this transformation: balancing consistent identity management with independent brand experiences, reducing operational complexity, and meeting regulatory requirements such as GDPR and NIS2.</p>
<p>Attendees will gain practical insights into how large organizations can simplify authentication, drive passwordless adoption, and build a scalable identity platform that earns customer trust throughout the entire authentication process.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/future-ready-ciam-in-practice-eic26"><img src="https://www.kuppingercole.com//videothumb/future-ready-ciam-in-practice-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Scaling Passkeys at eBay: Building Toward a Passwordless Future]]></title>
			<link>https://www.kuppingercole.com/watch/scaling-passkeys-at-ebay-eic26</link>
			<guid>https://www.kuppingercole.com/watch/scaling-passkeys-at-ebay-eic26</guid>
			<description><![CDATA[ <p>This session shares eBay&rsquo;s journey in deploying FIDO-based passkey authentication across web, mobile, and app platforms. We&rsquo;ll cover the implementation choices, integration challenges, and the best practices that shaped a successful global rollout. Attendees will learn how our approach evolved to deliver secure, frictionless, and passwordless access for millions of users worldwide&mdash;offering practical insights for organizations planning large-scale passkey adoption.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/scaling-passkeys-at-ebay-eic26"><img src="https://www.kuppingercole.com//videothumb/scaling-passkeys-at-ebay-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Siemens PAM Journey – from 0 to 200 000 Privileged Secrets in 5 years]]></title>
			<link>https://www.kuppingercole.com/watch/siemens-pam-journey-eic26</link>
			<guid>https://www.kuppingercole.com/watch/siemens-pam-journey-eic26</guid>
			<description><![CDATA[ <p>In this presentation we would like to show the Siemens PAM Journey with its &ldquo;Ups&rdquo; and &ldquo;Downs&rdquo;, challenges and future plans to make Siemens more secure.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/siemens-pam-journey-eic26"><img src="https://www.kuppingercole.com//videothumb/siemens-pam-journey-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: Global Trust at Scale: Are We Finally Interoperable?]]></title>
			<link>https://www.kuppingercole.com/watch/panel-global-trust-at-scale-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-global-trust-at-scale-eic26</guid>
			<description><![CDATA[ <p>This panel explores how eIDAS 2.0, GAIN, and other emerging trust frameworks are reshaping global digital identity. Experts from key regions discuss why true cross-border interoperability remains difficult, highlighting shared challenges, jurisdictional differences, and the minimum policy and technical requirements for success.</p>
<p>Attendees will learn what it takes to operationalize trust frameworks in real-world environments, how to align standards with national and sector needs, and how organizations can prepare for a future where digital identity must function reliably across borders.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-global-trust-at-scale-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-global-trust-at-scale-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Exporting Trust: EUDI Beyond the EU [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/exporting-trust-eudi-beyond-the-eu-eic26</link>
			<guid>https://www.kuppingercole.com/watch/exporting-trust-eudi-beyond-the-eu-eic26</guid>
			<description><![CDATA[ <p data-start="78" data-end="534">The EUDI Regulation is one of the most ambitious digital trust frameworks ever built. Although it was designed from the ground up to facilitate cross-border interoperability, the irony is that this trust effectively stops at the borders of the EU. This represents a missed opportunity on both sides: for third countries looking to gain access to EU digital markets, and for EU market players looking for opportunities beyond an already saturated EU market.</p>
<p data-start="536" data-end="804" data-is-last-node="" data-is-only-node="">This talk looks at how the World Bank is working to build on the EUDI model to export trust to other regions, helping countries align with the EU model while also facilitating its adaptation to other contexts with different capacities, priorities, and starting points.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/exporting-trust-eudi-beyond-the-eu-eic26"><img src="https://www.kuppingercole.com//videothumb/exporting-trust-eudi-beyond-the-eu-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Framework to Function: the UK’s Approach to Delivering Trusted Digital Identity at Scale]]></title>
			<link>https://www.kuppingercole.com/watch/from-framework-to-function-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-framework-to-function-eic26</guid>
			<description><![CDATA[ <p>Digital identity in the UK is at a point of inflection. The UK digital identity and attributes trust framework, developed through pilots over many years, now forms the basis of a secure and privacy-enhancing ecosystem that is recognised in UK law. This work is already unlocking more efficient transactions across the UK economy, from pre-employment checks to picking up a parcel at the post office.</p>
<p>In this session, John Peart, representing the UK Government&rsquo;s Department for Science, Innovation and Technology, will explore the technology, standards and assurance mechanisms that now underpin trust in the UK market (including a certification system that meets ISO 17065 standards and a new corresponding trust mark) and makes digital verification work at scale. He&rsquo;ll also share some of the (hard) lessons learned along the way and the UK&rsquo;s roadmap for the future.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-framework-to-function-eic26"><img src="https://www.kuppingercole.com//videothumb/from-framework-to-function-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Access Control to Trust Intelligence: Rethinking Insider Risk Through Identity [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/from-access-control-to-trust-intelligence-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-access-control-to-trust-intelligence-eic26</guid>
			<description><![CDATA[ <p>Insider risk is no longer a niche security problem, it&rsquo;s a governance challenge at the core of every organization. As businesses evolve toward hybrid operations and data-driven collaboration, the real question is not who has access, but how identities reflect trust, accountability, and intent.<br /><br />This session explores how Identity and Access Management (IAM) programs can evolve into a foundation of insider risk management, not by adding more surveillance, but by embedding behavioral, ethical, and operational context into identity governance itself.<br /><br />We&rsquo;ll look at how identity becomes the language of trust across the enterprise:<br />&nbsp; &nbsp; &bull;&nbsp; &nbsp; From provisioning to prediction &mdash; understanding the signals of privilege misuse and entitlement drift before they become incidents;<br />&nbsp; &nbsp; &bull;&nbsp; &nbsp; From compliance to culture &mdash; turning access policies into expressions of organizational values and accountability;<br />&nbsp; &nbsp; &bull;&nbsp; &nbsp; From detection to decision-making &mdash; using identity-centric risk insights to inform hiring, offboarding, and third-party engagement decisions.<br /><br />Drawing on cases from finance, healthcare, and the public sector, we&rsquo;ll demonstrate how organizations can use IAM not just to prevent incidents, but to strengthen their human trust architecture.<br /><br />The result: a model of identity-driven insider risk management that aligns regulatory compliance with sustainable resilience, proving that trust can be engineered as deliberately as access itself.</p>
<p>Attendees will leave able to:</p>
<ol type="1" start="1">
<li>Read IAM telemetry signals from existing IGA and PAM data that predict insider incidents earlier than detection tooling.</li>
<li>Apply a four-node decision tree to test identity-based monitoring against EU proportionality requirements before deployment.</li>
<li>Translate one identity maturity gap into a defensible annual loss range, anchored in published industry data.</li>
</ol>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-access-control-to-trust-intelligence-eic26"><img src="https://www.kuppingercole.com//videothumb/from-access-control-to-trust-intelligence-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Identity First Security: Why External Identities Are Becoming the New Cyber Resilience Frontier]]></title>
			<link>https://www.kuppingercole.com/watch/identity-first-security-eic26</link>
			<guid>https://www.kuppingercole.com/watch/identity-first-security-eic26</guid>
			<description><![CDATA[ <p><strong>Customer, partner, and machine identities are now the largest unmanaged attack surface.</strong><br /><br />Cybersecurity strategies were traditionally built around employees, devices, and internal networks. But today, organisations manage far more external identities than workforce identities - including customers, partners, APIs, services, and AI agents. In many cases, the ratio already exceeds 1:100.<br />Yet security architectures still focus primarily on workforce IAM. This session explores why external identities are becoming the new cyber resilience frontier, how identity-driven attacks are evolving, and why organisations must adopt an Identity First Security approach to secure digital ecosystems.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/identity-first-security-eic26"><img src="https://www.kuppingercole.com//videothumb/identity-first-security-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Identity Visibility and Intelligence Platforms – Hype or Necessity in the Age of AI? [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/identity-visibility-and-intelligence-platforms-eic26</link>
			<guid>https://www.kuppingercole.com/watch/identity-visibility-and-intelligence-platforms-eic26</guid>
			<description><![CDATA[ <p>Whether human, non-human, or agentic, identities have become the dominant control plane - and attack surface - of modern digital infrastructures. Yet our visibility into who actually has access to what remains fragmented across IGA, PAM, CIEM, and SaaS environments, resulting in persistent over-entitlement and hidden risks. In the age of AI, this gap becomes critical: Access can be exploited at machine speed, while IAM architectures often still rely on static models, periodic reviews, and incomplete context. Identity Visibility and Intelligence Platforms (IVIPs) have emerged as an architectural response to these real-world challenges, introducing a dedicated layer for continuously aggregating, correlating, and analyzing identity and access data across the Identity Fabric. Drawing on practical observations from the field, this session examines why identity transparency has remained elusive despite mature IAM controls - and why continuous identity visibility and intelligence are increasingly foundational for risk-adaptive access, identity threat detection, and true least privilege in AI-driven environments.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/identity-visibility-and-intelligence-platforms-eic26"><img src="https://www.kuppingercole.com//videothumb/identity-visibility-and-intelligence-platforms-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Almost Human: How to Protect Machine Identities [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/almost-human-how-to-protect-machine-identities-eic26</link>
			<guid>https://www.kuppingercole.com/watch/almost-human-how-to-protect-machine-identities-eic26</guid>
			<description><![CDATA[ <p class="xmsonormal">Not every machine identity is human, and not every machine identity is AI. What about protecting the machines that already exist in your environment? This includes service accounts, enterprise applications, and all the other names they have today.</p>
<p class="xmsonormal">This session will examine how to protect these identities in a modern environment, make attacks visible, and respond to attacks that are already underway. This demo-packed session will show how simple attacks against service accounts in Active Directory and app registrations in Entra ID can be.</p>
<p class="xmsonormal">It will also show how attackers can live persistently in your environment, steal data, and act like a normal business application.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/almost-human-how-to-protect-machine-identities-eic26"><img src="https://www.kuppingercole.com//videothumb/almost-human-how-to-protect-machine-identities-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From IAM to ITDR: Building Identity Threat Detection and Response for Real-World Resilience [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/from-iam-to-itdr-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-iam-to-itdr-eic26</guid>
			<description><![CDATA[ <p>Identity Threat Detection and Response (ITDR) has quickly emerged as the next frontier of identity security. As attackers increasingly exploit legitimate credentials, tokens, and federated trust paths, traditional IAM controls, even those within mature Zero Trust frameworks, often fail to detect subtle identity misuse until it&rsquo;s too late.<br /><br />In this session, Hutch will use his experience at a large global bank to explore how organizations can extend their IAM foundations into a true identity security operations capability, blending signals from IAM, EDR, SIEM, and cloud platforms to identify and respond to identity-based threats in real time. Attendees will learn how to recognize early indicators of compromise within authentication, authorization, and privilege escalation flows and how to operationalize ITDR without waiting for a major vendor or product release.<br /><br />Drawing on real-world scenarios and implementation lessons, Hutch will outline a practical roadmap for detecting and containing identity attacks before they evolve into full-scale breaches.<br /><br />Key Takeaways<br /><br /></p>
<ul>
<li>Understand what Identity Threat Detection and Response (ITDR) is and how it complements IAM, IGA, and Zero Trust programs.</li>
<li>Learn the critical telemetry sources and detection logic required to identify identity abuse across cloud and hybrid environments.</li>
<li>Explore a reference architecture for integrating ITDR into existing SOC workflows and incident response playbooks.</li>
<li>See real-world attack paths and detections, including MFA fatigue, token replay, and conditional access bypass attempts.</li>
<li>Gain a practical maturity roadmap for moving from identity visibility to proactive identity defense.</li>
</ul>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-iam-to-itdr-eic26"><img src="https://www.kuppingercole.com//videothumb/from-iam-to-itdr-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Passwordless at Scale: 80% Adoption and Counting]]></title>
			<link>https://www.kuppingercole.com/watch/passwordless-at-scale-eic26</link>
			<guid>https://www.kuppingercole.com/watch/passwordless-at-scale-eic26</guid>
			<description><![CDATA[ <p>Passwordless authentication offers stronger security and a more seamless user experience, but scaling it across a complex, diverse ecosystem is another story.<br />We will walk through the journey of achieving over 80% passwordless adoption at Schenker, a global enterprise, across the workforce, partners, customers, and non-human identities.</p>
<p>Topics covered:</p>
<ol>
<li>Rollout strategy to build trust within the target group through a user experience-driven adoption approach</li>
<li>Challenges in the adoption of passwordless technologies and limitations encountered</li>
<li>The steps required to decommission static passwords</li>
</ol>				<br/><br/><a href="https://www.kuppingercole.com/watch/passwordless-at-scale-eic26"><img src="https://www.kuppingercole.com//videothumb/passwordless-at-scale-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Beyond the Hype: Expensive IAM Trends You Can Overlook]]></title>
			<link>https://www.kuppingercole.com/watch/beyond-the-hype-eic26</link>
			<guid>https://www.kuppingercole.com/watch/beyond-the-hype-eic26</guid>
			<description><![CDATA[ <p>AI-powered governance, machine identities, predictive analytics: the IAM industry never runs out of promising trends. But let's be honest: most organizations are wrestling with entirely different problems. Overcomplicated solutions, exploding license costs, and the eternal question: "Do we actually need all this?"</p>
<p class="font-claude-response-body">In this session, we cut through the noise. Together with our customer Matthias from GLS we&lsquo;ll have an open dialogue about what IAM really looks like in day-to-day operations. We'll walk through real scenarios: Are NHIs really new for companies and do require special treatment? What do you do when fancy AI features recommend access based on historically wrong assignments? Or when the gap between vendor promises and actual capabilities slows down your IAM rollout?</p>
<p>Our goal: Don't panic when Joiner, Mover, Leaver processes cause sleepless nights. Most of the time a simple, straightforward solution with reduced complexity is exactly the right approach. Join us to get the bare truth about real life issues and solutions, focusing on real cases and implementations, independent of which tool your company has chosen.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/beyond-the-hype-eic26"><img src="https://www.kuppingercole.com//videothumb/beyond-the-hype-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Why SaaS Security and AI Governance Are Critical to Cybersecurity [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/why-saas-security-and-ai-governance-are-critical-eic26</link>
			<guid>https://www.kuppingercole.com/watch/why-saas-security-and-ai-governance-are-critical-eic26</guid>
			<description><![CDATA[ <p>In today's digital-first business environment, SaaS applications are core to productivity, collaboration, and innovation, while AI and AI agents are rapidly becoming part of everyday business workflows. Their adoption, however, expands the organization's attack surface and creates new governance challenges. SaaS providers secure their underlying platforms, but customers remain accountable for how those services are configured, accessed, monitored, and governed.</p>
<p>This 20-minute session explains why SaaS security and AI governance must be treated as pillars of a modern cybersecurity strategy. It will examine identity and access governance, weak authentication, over-permissioned users, orphaned accounts, shadow SaaS and AI, misconfigured services, and emerging agentic AI risks. The session will also preview the in-flight KuppingerCole Leadership Compass on SaaS Security and AI Governance.</p>
<p><strong>Key Takeaways</strong></p>
<ul>
<li>Understand why SaaS and AI governance risks are growing</li>
<li>Identify common visibility, access, configuration, and lifecycle gaps that expose SaaS applications.</li>
<li>Explore how AI agents change governance, accountability, and permission-management</li>
<li>Get an early view of the forthcoming Leadership Compass on SaaS Security and AI Governance</li>
</ul>				<br/><br/><a href="https://www.kuppingercole.com/watch/why-saas-security-and-ai-governance-are-critical-eic26"><img src="https://www.kuppingercole.com//videothumb/why-saas-security-and-ai-governance-are-critical-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Policy-Driven IAM: How SBB Embedded Identity into Enterprise Self-Service [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/policy-driven-iam-eic26</link>
			<guid>https://www.kuppingercole.com/watch/policy-driven-iam-eic26</guid>
			<description><![CDATA[ <p>In today's cloud self-service portals, it is possible to assemble and configure complex IT infrastructures within minutes. While this ease of access is standard for cloud resources, it remains a significant challenge for IAM resources: connecting applications to single sign-on or granting access to various resources often takes days or even weeks.<br /><br />In this case study, we share how SBB embedded the provisioning of IAM capabilities directly into the enterprise self-service processes &mdash; without compromising security. By pairing productized IAM services with automated guardrails, policy-driven workflows, and clear accountability, we significantly reduced lead times for consumers while shifting responsibility to the natural owners: application teams and business product owners. Risks are managed where they originate, and our Identity Fabric is integrated with the overarching IT service management processes.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/policy-driven-iam-eic26"><img src="https://www.kuppingercole.com//videothumb/policy-driven-iam-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From TPAG to Trusted Partnerships: Scaling Secure B2B Identity in Complex Ecosystems]]></title>
			<link>https://www.kuppingercole.com/watch/from-tpag-to-trusted-partnerships-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-tpag-to-trusted-partnerships-eic26</guid>
			<description><![CDATA[ <p>B2B identity ecosystems are becoming increasingly complex across partners, suppliers, franchises, and multi-tenant environments. Traditional TPAG approaches are struggling to scale with modern digital business requirements.</p>
<p>In this session, Devesh explores how organizations are evolving from static third-party access governance toward dynamic, trust-based B2B identity models using automation, group management, policy-based authorization, and identity orchestration to improve both security and business agility.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-tpag-to-trusted-partnerships-eic26"><img src="https://www.kuppingercole.com//videothumb/from-tpag-to-trusted-partnerships-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Results of the B2B CIAM Leadership Compass [Advanced]]]></title>
			<link>https://www.kuppingercole.com/watch/results-of-the-b2b-ciam-leadership-compass-eic26</link>
			<guid>https://www.kuppingercole.com/watch/results-of-the-b2b-ciam-leadership-compass-eic26</guid>
			<description><![CDATA[ <p>As business ecosystems grow increasingly interconnected, the ability to securely manage external identities such as partners, contractors, suppliers, and customers has elevated B2B CIAM to a strategic imperative. This session will review the findings from the latest KuppingerCole Leadership Compass on B2B CIAM, with a particular focus on how leading solutions address the complex technical and organizational demands of inter-organizational identity management.<br /><br />We will begin by outlining the defining characteristics of B2B CIAM, distinguishing it from both B2E and B2C scenarios. The discussion will emphasize capabilities essential to B2B identity use cases, including delegated administration across business units and partner organizations, fine-grained and dynamic authorization models such as attribute-based access control (ABAC), and flexible identity federation to support hybrid trust environments.<br /><br />The session will then turn to integration requirements that distinguish B2B CIAM deployments, particularly the need to align identity management with line-of-business (LOB) applications and HR or contractor management systems. We will examine how CIAM platforms enable these integrations to support pre-access identity vetting, background checks, and compliance workflows, as well as runtime access governance across multi-tenant environments.<br /><br />A core segment will be dedicated to the Leadership Compass results, highlighting vendors that demonstrate strength in delegated user lifecycle management, cross-domain provisioning, policy-driven access enforcement, and API-level extensibility for embedding identity services into complex application environments. We will discuss how innovation leaders are approaching B2B CIAM as an orchestration and trust framework rather than simply a scaled-up version of B2C identity services.<br /><br />Participants will gain insight into architectural and functional trends shaping the B2B CIAM landscape, criteria for vendor evaluation, and how organizations can leverage these platforms to support scalable, secure, and compliant inter-organizational identity ecosystems.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/results-of-the-b2b-ciam-leadership-compass-eic26"><img src="https://www.kuppingercole.com//videothumb/results-of-the-b2b-ciam-leadership-compass-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Beyond the Bearer Token: Veridian for IoT, OT & Smart Infrastructure]]></title>
			<link>https://www.kuppingercole.com/watch/beyond-the-bearer-token-eic26</link>
			<guid>https://www.kuppingercole.com/watch/beyond-the-bearer-token-eic26</guid>
			<description><![CDATA[ <p>Industry 4.0 is moving faster than the identity layer underneath it. Sensors, robots, autonomous vehicles and AI agents now make decisions across organisational borders in real time - yet most still authenticate with vendor PKI, OAuth bearer tokens, or device certificates that cannot rotate, cannot prove provenance, and cannot survive a quantum break. The result is a trust gap at the very edge where Industry 4.0 actually has to work.<br />This talk introduces the missing layer. KERI gives every device and agent a self-certifying, post-quantum-ready identifier. ACDCs carry verifiable credentials with full chain-of-authority provenance. The GLEIF vLEI anchors that chain in a globally interoperable root of legal-entity identity. Drawing on Veridian's production deployments and complaint GLEIF vLEI tooling, the session shows how this stack lands on real Industry 4.0 problems - device onboarding, OT command authority and cross-operator interoperability - verifiable in milliseconds, with no bilateral integrations.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/beyond-the-bearer-token-eic26"><img src="https://www.kuppingercole.com//videothumb/beyond-the-bearer-token-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Beyond Compliance: Identity Architecture for Industry 4.0 under NIS2 and the CRA]]></title>
			<link>https://www.kuppingercole.com/watch/beyond-compliance-identity-architecture-eic26</link>
			<guid>https://www.kuppingercole.com/watch/beyond-compliance-identity-architecture-eic26</guid>
			<description><![CDATA[ <p>European regulation is changing the identity design brief for Industry 4.0. In manufacturing, identity can no longer stop at workforce access or remote supplier access. NIS2 raises expectations for cyber risk management, reporting, and supply-chain security across 18 critical sectors, while the Cyber Resilience Act requires products with digital elements to be secure by default and maintained through their expected support period, with reporting obligations starting on 11 September 2026 and the main obligations applying from 11 December 2027.</p>
<p>This session explains why factories now need four identity planes: workforce, third-party, machine, and product. It shows how that shift changes the way organizations handle machine and gateway identity, product lifecycle trust, and the evidence needed for governance and incident response. Rather than treating NIS2 and the CRA as compliance checklists, the session turns them into a practical identity architecture problem for operations, suppliers, machines, and connected products.</p>
<p><strong>Attendees will leave with:</strong></p>
<ul type="disc" data-start="1219" data-end="1636">
<li>a clear model for separating workforce, third-party, machine, and product identities in a factory environment</li>
<li>a practical view of how CRA changes product lifecycle identity, from secure defaults to updates and support periods</li>
<li>a concrete understanding of how NIS2 shifts identity from access alone to evidence, review, and accountability after incidents or supplier activity</li>
</ul>				<br/><br/><a href="https://www.kuppingercole.com/watch/beyond-compliance-identity-architecture-eic26"><img src="https://www.kuppingercole.com//videothumb/beyond-compliance-identity-architecture-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Maintaining OT and Worker Identity Security in Disrupted, Degraded, Intermittent, and Low-Bandwidth (DDIL) Environments [Advanced]]]></title>
			<link>https://www.kuppingercole.com/watch/maintaining-ot-and-worker-identity-security-eic26</link>
			<guid>https://www.kuppingercole.com/watch/maintaining-ot-and-worker-identity-security-eic26</guid>
			<description><![CDATA[ <p>In military operations, solving for reliable security at the tactical edge requires identity systems to remain responsive and operational in disrupted, degraded, intermittent, and low-bandwidth (DDIL) scenarios. Identity systems must continue to operate the same in theater whether or not connectivity to the home base is available. However, one does not need to be in the military to recognize the potential value of replicating these deployment patterns for OT. A DDIL-capable identity architecture ensures robust industrial operations and security regardless the connectivity status of the factory floor. In this talk Jon Lehtinen will walk through the components, architecture, use cases, and operation of a DDIL identity system to show how solving for DDIL scenarios can keep your staff, OT, and IT functional even if you lose the connection to the outside world.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/maintaining-ot-and-worker-identity-security-eic26"><img src="https://www.kuppingercole.com//videothumb/maintaining-ot-and-worker-identity-security-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From a Federated IT Service Provider to Secure CIAM: How ACP Optimized Identity Management with SSO [Advanced]]]></title>
			<link>https://www.kuppingercole.com/watch/from-a-federated-it-service-provider-to-secure-iam-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-a-federated-it-service-provider-to-secure-iam-eic26</guid>
			<description><![CDATA[ <p>How does ACP manage the transition from a federated IT service provider to a secure and efficient CIAM solution? In this presentation, you will learn how ACP uses Single Sign-On (SSO) not only to strengthen security but also to improve the user experience and simplify identity management. Gain practical insights into the transformation toward a future-proof solution for modern enterprises.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-a-federated-it-service-provider-to-secure-iam-eic26"><img src="https://www.kuppingercole.com//videothumb/from-a-federated-it-service-provider-to-secure-iam-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[More agility, resilience, compliance and competitiveness in manufacturing and CNI. It’s a tall order which modern PAM helps deliver. [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/more-agility-resilience-compliance-and-competitiveness-eic26</link>
			<guid>https://www.kuppingercole.com/watch/more-agility-resilience-compliance-and-competitiveness-eic26</guid>
			<description><![CDATA[ <p data-start="92" data-end="443">The factory of the future is a data center with things coming out. Electricity generation, transmission, and distribution will be an orchestrated, distributed network of nodes and graphs balancing the grid at 50 hertz. Two things will not change: the primacy of physical safety in these systems, and the economic and social cost of unplanned downtime.</p>
<p data-start="445" data-end="720">The changing global order has elevated innovation, agility, and resilience from sources of competitive advantage for companies to matters of European national security. Our compliance framework is being challenged to prove its value as an enabler of necessary transformation.</p>
<p></p>
<p data-start="722" data-end="1151" data-is-last-node="" data-is-only-node="">This session focuses on the tension between digitization, safety, and compliance faced by organizations whose value creation is based on physical production processes. We will examine the role of cybersecurity in brownfield and greenfield production systems, and in particular the value of modern privileged access management for both human and non-human identities in improving uptime, productivity, and the end-user experience.</p>
<div class="relative basis-auto flex-col -mb-(--composer-overlap-px) pb-(--composer-overlap-px) [--composer-overlap-px:28px] grow flex">
<div class="flex flex-col text-sm">
<div data-turn-id-container="request-69f48c77-1de0-8393-a2c6-7e664c882402-117" data-is-intersecting="true">
<div class="relative w-full overflow-visible">
<div class="text-base my-auto mx-auto [--thread-content-margin:var(--thread-content-margin-xs,calc(var(--spacing)*4))] @w-sm/main:[--thread-content-margin:var(--thread-content-margin-sm,calc(var(--spacing)*6))] @w-lg/main:[--thread-content-margin:var(--thread-content-margin-lg,calc(var(--spacing)*16))] px-(--thread-content-margin)">
<div class="[--thread-content-max-width:40rem] @w-lg/main:[--thread-content-max-width:48rem] mx-auto max-w-(--thread-content-max-width) flex-1 group/turn-messages focus-visible:outline-hidden relative flex w-full min-w-0 flex-col agent-turn">
<div class="flex max-w-full flex-col gap-4 grow">
<div data-message-author-role="assistant" data-message-id="e52c091d-9ae0-4adb-baab-aac2925c55b2" dir="auto" data-message-model-slug="gpt-5-5-thinking" class="min-h-8 text-message relative flex w-full flex-col items-end gap-2 text-start break-words whitespace-normal outline-none keyboard-focused:focus-ring [.text-message+&amp;]:mt-1">
<div class="flex w-full flex-col gap-1 empty:hidden">
<div class="markdown prose dark:prose-invert wrap-break-word w-full dark markdown-new-styling">
<p data-start="92" data-end="443">The factory of the future is a data center with things coming out. Electricity generation, transmission, and distribution will be an orchestrated, distributed network of nodes and graphs balancing the grid at 50 hertz. Two things will not change: the primacy of physical safety in these systems, and the economic and social cost of unplanned downtime.</p>
<p data-start="445" data-end="720">The changing global order has elevated innovation, agility, and resilience from sources of competitive advantage for companies to matters of European national security. Our compliance framework is being challenged to prove its value as an enabler of necessary transformation.</p>
<p data-start="722" data-end="1151" data-is-last-node="" data-is-only-node="">This session focuses on the tension between digitization, safety, and compliance faced by organizations whose value creation is based on physical production processes. We will examine the role of cybersecurity in brownfield and greenfield production systems, and in particular the value of modern privileged access management for both human and non-human identities in improving uptime, productivity, and the end-user experience.</p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>				<br/><br/><a href="https://www.kuppingercole.com/watch/more-agility-resilience-compliance-and-competitiveness-eic26"><img src="https://www.kuppingercole.com//videothumb/more-agility-resilience-compliance-and-competitiveness-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Privileged Access Management (PAM) - Market Overview [Intermediate]]]></title>
			<link>https://www.kuppingercole.com/watch/priviledge-access-management-market-overview-eic26</link>
			<guid>https://www.kuppingercole.com/watch/priviledge-access-management-market-overview-eic26</guid>
			<description><![CDATA[ <p><strong>Privileged Access Management (PAM) is entering a decisive phase of transformation.</strong> The latest 2026 KuppingerCole Leadership Compass reveals how cloud infrastructure, DevOps automation, and machine-driven access are reshaping what &ldquo;privileged&rdquo; really means. This session looks beyond traditional PAM to examine how privileged actions now span humans and machines across servers, endpoints, cloud platforms, workloads, and more.</p>
<p>This session will explore how leading PAM vendors are responding to this shift through automation, just-in-time access, cloud entitlement controls, and deeper integration with machine and workload access models. Attendees will gain practical insight into which capabilities remain foundational, which innovations are shaping the future of PAM, and how to future-proof PAM investments in complex hybrid and cloud-native environments.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/priviledge-access-management-market-overview-eic26"><img src="https://www.kuppingercole.com//videothumb/priviledge-access-management-market-overview-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: Machines With Identities: Securing AI Agents and Synthetic Actors]]></title>
			<link>https://www.kuppingercole.com/watch/panel-machines-with-identites-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-machines-with-identites-eic26</guid>
			<description><![CDATA[ <p>AI agents are rapidly becoming first-class digital actors, performing tasks, making decisions, and interacting autonomously across systems. This panel examines why these agents now require identity, trust, and accountability frameworks comparable to human users. Experts will explore emerging models for agent authentication, detecting synthetic identities, and governing autonomous behaviors across complex ecosystems. Attendees will gain clarity on the risks and opportunities of agent-driven interactions, learn how to prepare their IAM architecture for AI-native actors, and understand what trust and control must look like in an autonomous future.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-machines-with-identites-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-machines-with-identites-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Delegating Digital Identity: Enabling Trusted AI Agents in Transactional Flows]]></title>
			<link>https://www.kuppingercole.com/watch/panel-delegating-digital-identity-eic26</link>
			<guid>https://www.kuppingercole.com/watch/panel-delegating-digital-identity-eic26</guid>
			<description><![CDATA[ <p>As AI agents begin to participate directly in commerce, identity systems must evolve to support trusted delegation and non‑human actors. This session explores the foundations of identity‑driven Agentic Commerce, where users can grant controlled mandates to AI agents that act on their behalf in digital transactions such as e-commerce. We will discuss the principles needed to ensure these AI‑mediated interactions remain transparent, fair, and aligned with user intent.&nbsp;</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/panel-delegating-digital-identity-eic26"><img src="https://www.kuppingercole.com//videothumb/panel-delegating-digital-identity-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[When Your AI Agents Need Passports: The Non-Human Identity Crisis [Advanced]]]></title>
			<link>https://www.kuppingercole.com/watch/when-your-ai-agents-need-passports-eic26</link>
			<guid>https://www.kuppingercole.com/watch/when-your-ai-agents-need-passports-eic26</guid>
			<description><![CDATA[ <p>Every organization now manages more non-human identities than human employees&mdash;service accounts, API keys, CI/CD pipelines, containerized workloads, and increasingly, autonomous AI agents. Yet while we've spent decades perfecting human identity governance, non-human identities remain the enterprise's largest blind spot.<br />This session exposes the cascading risks when non-human identities lack proper lifecycle management. We'll examine how the software supply chain amplifies these risks: compromised build service accounts that inject malicious code, over-privileged GitHub Actions that exfiltrate source code, and AI coding assistants with standing access to production systems. Drawing on recent supply chain breaches (SolarWinds, Codecov, CircleCI), we'll demonstrate how attackers exploit the "identity chaos" in modern development pipelines.<br />Attendees will learn a practical framework for non-human identity governance covering credential rotation policies, just-in-time access for build systems, workload identity federation, and the emerging challenge of authenticating AI agents that write, review, and deploy code autonomously. We'll introduce the concept of "identity observability" for software pipelines and show how policy-based access control can reduce the attack surface by 70% without slowing development velocity.</p>
<p>Key Takeaways:</p>
<ul>
<li>Understand the non-human identity explosion in cloud-native and AI-augmented development</li>
<li>Learn the 5-step framework for SSCS credential governance</li>
<li>See real breach patterns where non-human identity failures enabled supply chain attacks</li>
<li>Discover tools and standards (SPIFFE, Workload Identity, AuthZEN) that scale identity control</li>
</ul>				<br/><br/><a href="https://www.kuppingercole.com/watch/when-your-ai-agents-need-passports-eic26"><img src="https://www.kuppingercole.com//videothumb/when-your-ai-agents-need-passports-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: Shaping AIdentity Standards: Beyond OAuth and OIDC?]]></title>
			<link>https://www.kuppingercole.com/watch/shaping-aidintity-standarts-eic26</link>
			<guid>https://www.kuppingercole.com/watch/shaping-aidintity-standarts-eic26</guid>
			<description><![CDATA[ <p>As AI systems increasingly interact with users, services, and other agents, the need for robust AIdentity standards becomes critical. This panel explores how identity frameworks must evolve to securely convey signals such as behavior, consent, and constraints across a complex mesh of human, workload, and AI identities. Are existing standards like OAuth and OpenID Connect sufficient, or is there a need to incorporate emerging approaches such as Decentralized Identifiers (DIDs) and Verifiable Credentials? Panelists will examine the current state of standardization efforts and discuss what additional components are required to build a secure and interoperable AIdentity ecosystem.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/shaping-aidintity-standarts-eic26"><img src="https://www.kuppingercole.com//videothumb/shaping-aidintity-standarts-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: Signals, Policies, and Identity Agency: A Smarter Identity Layer]]></title>
			<link>https://www.kuppingercole.com/watch/signals-policies-and-identity-agency-eic26</link>
			<guid>https://www.kuppingercole.com/watch/signals-policies-and-identity-agency-eic26</guid>
			<description><![CDATA[ <p>This panel explores how identity platforms are shifting from static rules to continuous, signal-informed decisioning. Experts will discuss emerging ecosystems for security signals, real-time risk evaluation, and policy-based authorization, highlighting why adaptive identity is becoming essential for Zero Trust and resilient digital operations. Attendees will learn how signal orchestration enhances security, improves user experience, and transforms access control from a reactive model into an intelligent, dynamic layer that aligns with modern threats and business expectations.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/signals-policies-and-identity-agency-eic26"><img src="https://www.kuppingercole.com//videothumb/signals-policies-and-identity-agency-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Solving the Developing Country Identity Dilemma [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/eic2026-2026-05-20-rohr</link>
			<guid>https://www.kuppingercole.com/watch/eic2026-2026-05-20-rohr</guid>
			<description><![CDATA[ <p data-start="96" data-end="370">As a community, identity professionals tend to solve typical &ldquo;first-world&rdquo; problems in large enterprises with cutting-edge technology. But what if, beyond &ldquo;KYC&rdquo; and &ldquo;DID,&rdquo; your target audience lives on $1 a day and has no iPhone to hold a wallet with an eIDAS-compliant eID?</p>
<p data-start="372" data-end="594" data-is-last-node="" data-is-only-node="">This talk dives deeper into real-world challenges such as birth registration and obtaining birth certificates as a foundation for getting physical ID and, possibly, an online-verifiable ID such as Aadhaar, but more secure.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/eic2026-2026-05-20-rohr"><img src="https://www.kuppingercole.com//videothumb/eic2026-2026-05-20-rohr/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Beyond Borders: How Internet Fragmentation Shapes the Future of Identity [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/beyond-borders-internet-fragmentation-eic26</link>
			<guid>https://www.kuppingercole.com/watch/beyond-borders-internet-fragmentation-eic26</guid>
			<description><![CDATA[ <p>The Internet was once imagined as a borderless network, where protocols&mdash;not politics&mdash;defined interoperability. That vision no longer maps to the reality of the world today. Trade wars, digital sovereignty battles, demographic shifts, and fragile technology supply chains are fragmenting the Internet in ways that go far beyond technical debates.<br /><br />For identity professionals, these fractures aren&rsquo;t academic; they directly affect how federations interoperate, how credentials are trusted across borders, and how enterprises plan for resilience. The question is not whether the Internet is fragmenting, but how that fragmentation will impact digital identity infrastructures built on the assumption of global reach.<br /><br />This session draws from recent analysis on the end of the &ldquo;global&rdquo; Internet, exploring how:<br /><br />Technology supply chains set practical limits on AI and identity infrastructure.<br /><br />Standards risk being bent&mdash;or broken&mdash;by trade disputes and sovereignty mandates.<br /><br />Demographics drive not just user behavior but the political economy shaping Internet governance.<br /><br />Rather than simply predicting collapse, the session will focus on how enterprises, governments, and standards bodies can adapt. What resilience strategies make sense for a world where regional identity stacks grow stronger? How can European stakeholders engage to ensure trust, security, and usability in cross-border identity systems?<br /><br />Attendees will leave with a clearer view of the risks and opportunities of fragmentation, and practical ideas for shaping digital identity strategies in a world where global interoperability can no longer be assumed.&nbsp;</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/beyond-borders-internet-fragmentation-eic26"><img src="https://www.kuppingercole.com//videothumb/beyond-borders-internet-fragmentation-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[PANEL: From Wallets to Business Models: Where’s the Real Value in Verifiable Credentials?]]></title>
			<link>https://www.kuppingercole.com/watch/from-wallets-to-business-models-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-wallets-to-business-models-eic26</guid>
			<description><![CDATA[ <p>This panel examines how decentralized identity and digital wallets are reshaping the identity value chain and forcing new business models to emerge. Experts will explore who creates, captures, and exchanges value in verifiable credential ecosystems, from phone-home trust models to decentralized and cross-ecosystem value flows.</p>
<p>Attendees will gain clarity on sustainable economic incentives, understand where different participants fit, and learn what it will take to build viable, scalable business models in a world where issuers, holders, and verifiers operate with limited visibility into each other's activities.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-wallets-to-business-models-eic26"><img src="https://www.kuppingercole.com//videothumb/from-wallets-to-business-models-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Finally, Digital Identity You Can Trust [Introductory]]]></title>
			<link>https://www.kuppingercole.com/watch/finally-digital-identity-you-can-trust-eic26</link>
			<guid>https://www.kuppingercole.com/watch/finally-digital-identity-you-can-trust-eic26</guid>
			<description><![CDATA[ <p>Digital identities promise to transform our lived experiences both online and in the real world, yet trust has remained elusive. The building blocks for truly trusted digital identity are all here now. Passkeys are eliminating passwords and phishing. Verifiable Digital Credentials are enabling portable, privacy-preserving identity proofs. The Digital Credentials API and modern wallets are creating the connective tissue that allows these technologies to work together.</p>
<p>To unlock the full potential of this ecosystem, we need to bring this all together in a pragmatic manner. We need interoperability to be prioritized and incentivized, clear guidance on how to implement these technologies with security and privacy in mind, and frameworks that respect the individual&rsquo;s rights while ensuring global accessibility.</p>
<p>Join Nishant Kaushik, CTO, FIDO Alliance, as he explores how these pieces can come together to create an ecosystem where every participant can operate with confidence. We&rsquo;re so close to a future where digital identity isn&rsquo;t just convenient, but trusted by all.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/finally-digital-identity-you-can-trust-eic26"><img src="https://www.kuppingercole.com//videothumb/finally-digital-identity-you-can-trust-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[From Vibe Coding to Agent Identity – Rethinking Authentication in the Age of AI]]></title>
			<link>https://www.kuppingercole.com/watch/from-vibe-coding-to-agent-identity-eic26</link>
			<guid>https://www.kuppingercole.com/watch/from-vibe-coding-to-agent-identity-eic26</guid>
			<description><![CDATA[ <p data-start="87" data-end="374">AI is not only transforming how software is built; it is also redefining how systems authenticate, authorize, and establish trust. At cidaas, we explore how concepts such as Model Context Protocol (MCP) and Agent-to-Agent (A2A) communication are reshaping identity and access management.</p>
<p data-start="376" data-end="549">AI agents are no longer limited to executing isolated requests. They act autonomously, delegate identities, and interact across multiple systems, and even with other agents.</p>
<p>This raises fundamental questions:</p>
<ul type="disc">
<li>Who is acting the user, the agent, or both?</li>
<li>How do we control delegated access?</li>
<li>How can systems establish trust in machine-to-machine interactions at scale?</li>
</ul>
<p>In this keynote, Sadrick Widmann will share how we are building AI-driven capabilities within a SaaS platform and how this is transforming authentication, authorization, and security architecture. The session will focus on balancing innovation with control while redefining identity in an increasingly autonomous world.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/from-vibe-coding-to-agent-identity-eic26"><img src="https://www.kuppingercole.com//videothumb/from-vibe-coding-to-agent-identity-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Beyond the Buzz: The Real Role of AI in IAM]]></title>
			<link>https://www.kuppingercole.com/watch/beyond-the-buzz-eic26</link>
			<guid>https://www.kuppingercole.com/watch/beyond-the-buzz-eic26</guid>
			<description><![CDATA[ <p>Artificial Intelligence is being positioned as the cure-all for enterprise complexity &ndash; and Identity and Access Management (IAM) is no exception. AI promises smarter governance, automated decisions, and effortless deployments. In this session, we&rsquo;ll examine where AI genuinely struggles in IAM environments, why overreliance can introduce new risks, and what assumptions organizations often get wrong. More importantly, we&rsquo;ll explore the practical and strategic role AI can play within a modern, next-generation IAM framework &ndash; and how to leverage it responsibly and effectively.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/beyond-the-buzz-eic26"><img src="https://www.kuppingercole.com//videothumb/beyond-the-buzz-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Setting Boundaries for Agentic AI: Preventing Data Exposure at Enterprise Scale]]></title>
			<link>https://www.kuppingercole.com/watch/setting-boundaries-for-agentic-ai-eic26</link>
			<guid>https://www.kuppingercole.com/watch/setting-boundaries-for-agentic-ai-eic26</guid>
			<description><![CDATA[ <p>Agentic AI systems retrieve data, invoke tools, and execute actions across enterprise environments. Yet most agents still lack built-in controls. Without clear security boundaries, an agent can expose sensitive data in seconds, trigger workflows it should never touch, or disrupt critical business operations.</p>
<p>As a result, enforcing guardrails across the entire AI flow and centrally managing access for all identities, both human and machine, has become a critical business priority.</p>
<p>This session reviews common failure patterns in agentic AI environments and examines how dynamic controls can be applied across prompts, data access, tool usage, and outputs. It shows how these controls can be enforced in a distributed manner across the enterprise technology stack, enabling organizations to deploy agentic AI at scale while protecting sensitive information and maintaining operational control.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/setting-boundaries-for-agentic-ai-eic26"><img src="https://www.kuppingercole.com//videothumb/setting-boundaries-for-agentic-ai-eic26/400"></a>			]]></description>
		</item>
				<item>
						<pubDate>Wed, 20 May 2026 00:00:00 +0200</pubDate>
			<title><![CDATA[Navigating the Agentic AI Landscape]]></title>
			<link>https://www.kuppingercole.com/watch/navigating-the-agentic-ai-landscape-eic26</link>
			<guid>https://www.kuppingercole.com/watch/navigating-the-agentic-ai-landscape-eic26</guid>
			<description><![CDATA[ <p>Enterprise AI deployments have passed a threshold that most security frameworks were not designed for. Agentic AI - autonomous, tool-using systems that chain actions, delegate to sub-agents, and operate continuously on behalf of users - is already in production across a growing number of organizations. Existing approaches, including KuppingerCole's own Generative AI Defense (GAD) Leadership Compass, address one important slice of the problem but leave gaps in identity governance, compliance, and orchestration-layer controls.</p>				<br/><br/><a href="https://www.kuppingercole.com/watch/navigating-the-agentic-ai-landscape-eic26"><img src="https://www.kuppingercole.com//videothumb/navigating-the-agentic-ai-landscape-eic26/400"></a>			]]></description>
		</item>
			</channel>
</rss>
