Hi [[ session.user.profile.firstName ]]

Automating Attestation: A Critical Step in Security Risk Management

As the number of identities an organization manages explodes, making sure the right resources (human and non-human) have the right access can be overwhelming. Whether driven by compliance requirements or security risk management, attestation processes can provide periodic visibility into dynamically changing access – who has access, who granted it and who approved it. Automating those processes is a critical step to keeping access rights in line with the principle of least privilege and more importantly, can be automatically triggered as a result of a high-risk event.

In this panel, part of the Security Outcome Deep Dive Series, identity and security experts will provide real world examples about the role of attestation processes in a security risk management program, the key stakeholders involved and how it can be achieved using technologies that may already be deployed
Recorded Oct 9 2020 47 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Andy Smith (Centrify), Allen Moffett (Atos); Eric Uythoven (LexisNexis Risk), James Carder (LogRhythm)
Presentation preview: Automating Attestation: A Critical Step in Security Risk Management

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Identity-Centric PAM for Cloud and DevOps Oct 29 2020 4:00 pm UTC 60 mins
    Chris Owen, Director, Product Management at Centrify
    According to recent research by the Identity-Defined Security Alliance (IDSA), 59% of organizations say that cloud applications are driving a 5X increase in the number of identities over the past 10 years. And, over the past two years, 79% have had an identity-related breach.

    Digital transformation has massively expanded the threatscape, as modern technologies like cloud, DevOps, containers, microservices and more are creating an explosion in the number of machine identities in the IT estate. Now more than ever, it’s vital to take an identity-centric approach to securing privileged access to resources in on-premises, hybrid, and multi-cloud environments.

    In this webinar from Centrify, an IDSA member, we’ll explore:
    1. How organizations have evolved their use of cloud
    2. How Privileged Access Management (PAM) solutions have transformed to support new methodologies and tooling
    3. The differences between a shared account approach and identity-centric approach to PAM
    4. 6 key challenges organizations face for DevSecOps when it comes to cloud, and how to solve them
  • Automating Attestation: A Critical Step in Security Risk Management Recorded: Oct 9 2020 47 mins
    Andy Smith (Centrify), Allen Moffett (Atos); Eric Uythoven (LexisNexis Risk), James Carder (LogRhythm)
    As the number of identities an organization manages explodes, making sure the right resources (human and non-human) have the right access can be overwhelming. Whether driven by compliance requirements or security risk management, attestation processes can provide periodic visibility into dynamically changing access – who has access, who granted it and who approved it. Automating those processes is a critical step to keeping access rights in line with the principle of least privilege and more importantly, can be automatically triggered as a result of a high-risk event.

    In this panel, part of the Security Outcome Deep Dive Series, identity and security experts will provide real world examples about the role of attestation processes in a security risk management program, the key stakeholders involved and how it can be achieved using technologies that may already be deployed
  • Security Outcome Deep Dive: Governance-Driven Provisioning of Privileged Account Recorded: Oct 1 2020 44 mins
    Christopher Hills, BeyondTrust Deputy Chief Technology Officer and Chris Arnold, Avatier VP of Development
    In this webinar, we'll discuss the details of identity-defined security outcomes, privileged user accounts and entitlements are granted and removed through governance-driven provisioning. These outcomes provide organizations evidence of control over who has access to what resources that are required to meet security controls and compliance requirements, for example PCI, HIPPA, SOX, etc, as well as reduces risk of breach due to too much privileged access.

    Part of our Security Outcome Deep Dive series, where we examine each of the Identity Defined Security Outcomes and Implementation Approaches recently published by the IDSA providing organizations with vendor-neutral guidance on reducing the risk of an identity-related breach.
  • Podcast | Becoming Identity-Aware with Identity Defined Security Alliance Recorded: Sep 24 2020 23 mins
    Julie Smith | Executive Director, Identity Defined Security Alliance (IDSA)
    In a recent report from Identity Defined Security Alliance, 79% of enterprises surveyed suffered an identity breach in the past two years. For episode 11, Executive Director for the IDSA, Julie Smith, joins us with special guest, Gil Kirkpatrick (16-time Microsoft MVP and Chief Architect at Semperis). They discuss zero-trust model initiatives, the NIST Framework, and the call for organizations to have an identity-centric strategy.



    Want to learn more about IDSA?
    Identity Defined Security Alliance provides vendor-neutral, free education, and resources that help organizations reduce the risk of a breach through identity-centric security strategies. To learn more, visit: https://www.idsalliance.org/
  • Security Outcome Deep Dive: Principle of Least Privilege Recorded: Sep 11 2020 40 mins
    Asad Ali, Thales Sr Technologist, Saravanan Thiyagarajan, CyberArk Director Of Technology and Industry Relations
    In this webinar, we'll discuss the details of identity-defined security outcome, user and privileged access rights are granted according to the principle of least privilege and how organizations can reduce the threat landscape by eliminating elevated privileged access beyond roles and responsibilities and detecting and automatically resolving policy-violating account access to maintain continuous compliance.

    Part of our Security Outcome Deep Dive series, where we examine each of the Identity Defined Security Outcomes and Implementation Approaches recently published by the IDSA providing organizations with vendor-neutral guidance on reducing the risk of an identity-related breach.
  • Hacking Identity: The Good, Bad and Ugly of Identity-Centric Security Controls Recorded: Sep 3 2020 64 mins
    Jerod Brennen, SailPoint Identity Strategy and Solutions Advisor
    Identity-related breaches have become ubiquitous. From phishing attempts, to social engineering to compromised privileged credentials, capturing a legitimate set of credentials and even better with privileged access, is every cybercriminals dream. Knowing your opponent and the methods they use to steal identities can be the first step in enhancing an enterprise security strategy with an identity-centric security focus that has resulted in fewer breaches for some companies.

    Join Jerod Brennen, currently a SailPoint Identity Strategy and Solutions Advisor, but formerly a pen tester who worked in SecOps developing a solid grasp of the good, the bad, and the ugly of enterprise identity security. For red teams, this presentation will cover pen testing tips and tricks to circumvent weak or missing identity security controls. For blue teams, we'll also cover the steps you can take to shore up your identity-centric security controls and catch pen testers in the act. Purple teaming, FTW!
  • Security Outcome Deep Dive Series: Access Rights Revoked Based on Risk Recorded: Aug 27 2020 28 mins
    Ben Goodman, ForgeRock Senior Vice President Global Business and Corporate Development
    In this webinar, we'll discuss the details of identity-defined security outcome, Access is revoked upon detection of high-risk event associated with that identity, and how organizational exposure to defined policy breaches can be monitored and reduced.
    Note: If you have viewed other webinars in the series or are already familiar with the IDSA, skip ahead 6 minutes for the Security Outcome discussion.

    Part of our Security Outcome Deep Dive series, where we examine each of the Identity Defined Security Outcomes and Implementation Approaches recently published by the IDSA providing organizations with vendor-neutral guidance on reducing the risk of an identity-related breach.
  • Security Outcome Deep Dive Series: Continuous Access Rights Discovery Recorded: Aug 13 2020 40 mins
    Morey Haber, BeyondTrust CISO and CTO and Chris Gregory, Saviynt VP of Channel Development and Operations
    In this webinar, we'll discuss the details of identity-defined security outcome, all user and privileged access rights are continuously discovered and how organizations can reduce the risk of a breach from over-privileged access and invalid or orphaned accounts.

    Part of our Security Outcome Deep Dive series, where we examine each of the Identity Defined Security Outcomes and Implementation Approaches recently published by the IDSA providing organizations with vendor-neutral guidance on reducing the risk of an identity-related breach.
    Note: If you have viewed other webinars in the series or are already familiar with the IDSA, skip ahead 6 minutes for the Security Outcome discussion.
  • Security Outcome Deep Dive Series: Continuous Identity Assurance Recorded: Aug 5 2020 28 mins
    Cassie Christensen, SecZetta Identity Solutions Advisor
    In this webinar, we'll discuss the details of identity-defined security outcome, user's identity is systematically proven through the identity lifetime, and how organizations can ensure access is granted to the right identity.

    Part of our Security Outcome Deep Dive series, where we examine each of the Identity Defined Security Outcomes and Implementation Approaches recently published by the IDSA providing organizations with vendor-neutral guidance on reducing the risk of an identity-related breach.
    Note: If you have viewed other webinars in the series or are already familiar with the IDSA, skip ahead 6 minutes for the Security Outcome discussion.
  • Security Outcome Deep Dive Series: Protecting Privileged Accounts with MFA Recorded: Jul 28 2020 30 mins
    Paul Lanzi, Remediant co-founder and COO
    In our latest research, 79% of companies surveyed experienced an identity-related breach in the last 2 years and interestingly only 38% of those companies have implemented multi-factor authentication (MFA) to protect privileged accounts. Because these accounts, whether human or non-human (machines, service, application), are considered the riskiest, organizations should consider an extra layer of security through MFA.
    Please join Paul Lanzi, IDSA Technical Working Group Member and Remediant co-founder and COO as he discusses the details of identity-defined security outcome, all privileged access requires MFA, and how organizations can implement additional protections for their most sensitive accounts, reducing the risk of an identity-related breach.
  • Incorporating Identity in Your Security and Zero Trust Strategies Recorded: Nov 19 2019 54 mins
    Joe Gottlieb, SVP of Strategy and Business Development, SailPoint & Erik Bartholomy, Security Architect, LogRhythm
    Experts predict that total losses related to cybercrime will reach $6 trillion in 2021. The weapon of choice has been compromised identity and yet security teams run for the door when discussing identity and access management. The rapid adoption of cloud and mobile is forcing organizations to rethink their security model, with Zero Trust generating the most noise these days. In this webinar, we’ll explore how the emerging intersection of identity and security can reduce the risk of a breach (and the resulting financial and reputational losses) and enable a modern day Zero Trust approach.

    The Identity Defined Security Alliance is dedicated to helping organizations improve their security posture through identity-centric security strategies, education and frameworks. Join Joe Gottlieb, IDSA Executive Board Member and SailPoint SVP of Strategy and Corporate Business Development and Erik Bartholomy, LogRhythm Security Architect, to learn how:
    - You can make identity and security work better together
    - Identity-centric security is redefining Zero Trust
    - LogRhythm was able to fully transition to the cloud, eliminate infrastructure (VPNs, firewalls and directories) and become more secure
Advocating the importance of identity-centric security strategies
This channel brings together the leading identity and security vendors and industry experts to regularly educate security leaders on how to reduce risk through identity-centric strategies. For more information check out www.idsalliance.org.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Automating Attestation: A Critical Step in Security Risk Management
  • Live at: Oct 9 2020 4:00 pm
  • Presented by: Andy Smith (Centrify), Allen Moffett (Atos); Eric Uythoven (LexisNexis Risk), James Carder (LogRhythm)
  • From:
Your email has been sent.
or close