Name: PlainSense: Authorization Policy Enforcement in Service Mesh - Part 3
Start: 2021-02-17T17:00:00Z
End: 2021-02-17T17:00:26.000Z
Location: BrightTALK
Rating: 3

PlainID is The Identity Security Company. We help identity-centric enterprises defend themselves from adversaries who use identity-based attacks. Our Identity Security Posture Management Platform provides Identity Insights, SaaS Authorization Management, and Dynamic Authorization Services to create identity-centric security across SaaS, APIs, microservices, apps, and data powered by policy-based access control

The increasing intricacies and granularity of data access call for a proactive security approach across all enterprise architecture layers.

Learn how PlainID helps firms modernize their approach to Authorization while increasing identity-centric security and protecting data access.

Join Mickey Martin, Director of Product Outreach, & Tom Ammirati Chief Revenue Officer  PlainID, as they discuss the challenges facing enterprises today in preventing identity related security risks, addressing advanced data access challenges including compliance & regulatory requirements.


Key Takeaways: 

Policy Based Access Control:  How & why PBAC can help increase your identity-centric security level, address common access control patterns & modernize your authorization engine.

Central Policy Management & Distributed Enforcement:  Learn how standardization of authorization policy management & enforcement reduces both security risk and operational cost.

The Identity Attack Surface & Future of Access Control: Discuss market trends, insights, and how PlainID is planning to address the challenges of Identity Security.

Customer case study: Will discuss a real-world customer’s journey of externalizing authorization policies, leveraging PBAC, and securing access to mission-critical applications.

How Dynamic Authorization Secures Identities & Protects Data Access

The increasing intricacies and granularity of network access call for a proactive security approach that grants visibility across the enterprise. Learn how PlainID helps modernize businesses' approach to authorization to bridge security gaps and better protect mission-critical data and the applications that rely on it. 

Join Mickey Martin, Director of Product Outreach, PlainID, as he discusses the challenges facing enterprises today in securing connections to endpoints and applications while keeping in alignment with identity security posture and security best practices.

Key Takeaways: 

- Customer case study on how an organization is incorporating Policy Based Access Control to address their data security and user experience objectives in their Segmented SASE environment.

- Streamline Access to Endpoints - Centralize and automate policy management to reduce manual efforts required to enforce policies across the network.

 - Minimize Security Gaps - Ensure policies are consistently applied across the enterprise with a Policy-based Access Control (PBAC) framework. 

- Gain Visibility and Monitoring - Track access policies from a single dashboard that provides reporting and alerting to inform administrators on policy changes. 

- Adapt to Evolving Requirements - Facilitate quick updates and adjustments to keep up with evolving business needs, security threats, or regulatory changes for compliance.

PlainID Brings Identity Security Posture Management to SASE with Zscaler

The increasing intricacies and granularity of data access call for a proactive security approach across all enterprise architecture layers. Learn how PlainID helps modernize businesses' approach to Authorization to bridge security gaps and better protect mission-critical data and the applications that rely on it. Join Mickey Martin, Director of Product Outreach, PlainID, as he discusses the challenges facing enterprises today in securing data access, specifically in large SaaS applications, and how they are leveraging Policy Based Access control.

Key Takeaways: 

- Customer case study on how an organization is incorporating Policy Based Access Control to address their data security and user experience objectives in their Power BI environment.

- Streamline Access to Data - Centralize and automate policy management to reduce manual efforts required to enforce policies across BI tools and the data ecosystem.

- Minimize Security Gaps - Ensure policies are consistently applied across the enterprise with a Policy-based Access Control (PBAC) framework.

- Gain Visibility and Monitoring - Track access policies from a single dashboard that provides reporting and alerting to inform administrators on policy changes. 

- Adapt to Evolving Requirements - Facilitate quick updates and adjustments to keep up with evolving business needs, security threats, or regulatory changes for compliance

How PlainID Optimizes Security, Access, and Data Compliance for Power BI

We live in the era of identity-centric security. Organizations need Visibility, Policy Management, and Authorization to secure the user journey. Please join Gal Helemski, PlainID Co-Founder & CTO / CPO & Mickey Martin, PlainID Director of Product Outreach as they discuss the importance of Identity Security Posture Management (ISPM).

Further, Learn How:
- The Identity and Access (IAM) market is transitioning to the Identity Security market in response to the rise in identity-driven cyber attacks.
- Identity security posture management (ISPM) is a growing market category, driven by cloud adoption.
- ISPM is about discovery, policy management, and authorization of identities and its access.
- PlainID already owns leadership positions in policy management and authorization.

What is Identity Security Posture Management (ISPM), and Why Should Orgs Care?

The importance of building an identity-centric security framework to address identity security threats, data compliance and optimize the user journey. Learn how PlainID’s ISPM platform can help your firm address one of the most vulnerable attack surfaces today. Please join Gal Helemski, PlainID Co-Founder & CTO / CPO & Tom Ammirati, PlainID CRO as they discuss how firms can enhance their identity security posture.

Key Highlights:
- Review why addressing Identity Security and ISPM have become a “must have” for Cyber Security & IAM professionals.

- Know Your Identity’s Entitlements (KYI), learn how PlainID’s Identity Insights module can provide real time visibility into the digital journeys of your identities from authentication through authorization and ultimately to accessing data across your enterprise.

- Discuss the security and operational benefits of a consistent and centralized approach to managing authorization policies for SaaS applications such as Power BI, Snowflake, & Zscaler via PlainID’s SaaS Authorization Management module.

- Review the benefits of Policy Based Access Control and how PlainID’s Dynamic Authorization Service can help firms modernize authorization while balancing the demands of their business without compromising security, data compliance, or user experience.

The Era of Identity Centric Security & How to Mitigate Identity Related Breaches

Redefining Identity and Data Security

In today's digital landscape, data security, and privacy have become paramount concerns for organizations across industries. Effective management of data access is essential to safeguard sensitive information and maintain compliance with regulations. Join Wissam Ali-Ahmad, Technical Architect, BigID & Mickey Martin, Director of Product Outreach, PlainID, and understand how PlainID and BigID together strengthen data protection, and redefine identity and data security.

Key Highlights:
- Understanding Identity Security Posture Management: We will demystify the concept of authorization, shedding light on its distinction from authentication and its multifaceted implications for identity-aware security.
- The importance of Data Security Posture Management: How having knowledge and control of your data comprehensively addresses data security, compliance, privacy & governance.
- How ISPM + DSPM drives value: Understand how an ISPM + DSPM framework contributes to regulatory compliance, including GDPR, HIPAA, and more, and how non-compliance can result in severe penalties and negative business consequences.
- Real-world Applications: Explore real-world case studies that highlight the significance of effective ISPM & DSPM in preventing data breaches, insider threats, and unauthorized access incidents.
- Future Trends: Get a glimpse into the future of identity and data-centric security, its impact on holistic security posture management, and how it can impact security and business outcomes.

Join us to explore how PlainID + BigID can help your organization prevent identity-related security events and ensure appropriate data access and compliance.

PlainID and BigID Integrate for a Modern, Resilient Data Protection Framework

In an era where cyber threats are continually evolving and data privacy regulations are becoming more stringent, understanding the dynamics of modern authorization (AuthZ) is pivotal for organizations striving to fortify their security measures and achieve data compliance.

Key Highlights:
- Reinforce Risk Management Strategy: Discover how to proactively manage security and access with risk-based authorization. Be ready for Zero Trust initiatives by embracing the “never trust, always verify” Zero Trust Paradigm.
- Navigating Data Compliance Regulations through Modern AuthZ: Amidst the tightening grip of data privacy regulations, explore how strong authorization plays a crucial role in safeguarding sensitive data - and ensures compliance with ever-changing mandates, improving shared responsibility and accountability.
- Leveraging the Benefits of Centralized AuthZ Policy Management: Understand the value of externalizing and centralizing policy management and how it provides visibility, manageability, and control to support risk mitigation and protect against identity-related breaches. 

Join Dr. Edward Amoroso, CEO, of TAG Cyber with Gal Helemski, CPO and Co-Founder, of PlainID to delve into the multifaceted landscape of modern authorization and its profound impact on cyber security and data compliance.

What is Modern Authorization and Its Role in Cyber Security & Data Compliance

Join Martin Glowik, Security Managing Director, Accenture & Mickey Martin, Director of Global Outreach, PlainID, and explore how authorization is a core component in solving zero trust. They will discuss how a modern authorization architecture furthers success in zero trust strategies. 

Topics to Discuss:

- Core Principles of Zero Trust & Trends 
   * Zero Trust is a philosophy & a technical framework is required to mitigate risk
  * Never Trust / Always Verify
- Importance of Authorization in a Zero Trust Framework
  * Where and why does authorization fit?
  * Increase Security resiliency post AuthN & Network Access Control
- Zero Trust and compliance with Data Regulations 
  * The role of Authorization & a Zero Trust framework in supporting data privacy 
 efforts   
- Importance of Visibility, Manageability & Enforcement of Access Control
  * Visibility and analytics are vital to a Zero Trust framework

Why Authorization is Key in Achieving Your Zero Trust Journey

For years organizations either relied on course-grained access controls or attempted to implement complex and unmanageable controls for access to specific data. When organizations attempt to control data level access using roles, the result is role explosion.  Attribute-based access helped control access to specific data values but even then access was siloed and segregated into its respective data stores.

Using modern, policy-based authorization, organizations now can more easily control access to specific data and infrastructure components and put security controls in place that prevent detrimental actions (intentionally or unintentionally).  
Learn how leading-edge organizations have deployed identity-centric access throughout the infrastructure stack using fine-grained authorization.  This includes access to microservices, APIs, and other infrastructure that typically relies on generic system accounts.  Apply policies to enable control over this access based on the individual or process that initiated the transaction (i.e., last-mile security).

By attending the webinar you will:
- Have a better understanding of Policy-based Access Control (PBAC) and identity-centric access
-  Learn how to apply PBAC to control access to specific data and infrastructure components
-  See how leading-edge organizations have taken advantage of PBAC
-  See a demo of an exciting sensitive data use case
- Understand how to move your organization to the next level of access control

Finally, a Solution to Control Access!

In the era of the digital economy, organizations grapple with complex cross-border data regulations. Efficient access control, powered by modern authorization, has emerged as a critical component in ensuring data compliance, privacy, and risk management.

Join us and explore the role of authorization in navigating enterprise access control and cross-border regulatory challenges. Learn how centralized management of policies and distributed enforcement simplifies managing identities' access within regional norms, offering a targeted response to evolving data laws and advanced cyber threats.

We will discuss how a modern authorization platform helps promote efficient management of access control, improve business agility, and bolster enterprise security through granular, policy-based controls.

Key takeaways include:
- Understanding the complexity of cross-border data regulations and the drivers behind it
- Deep dive into how authorization is foundational in any security strategy for compliance and risk mitigation
- Learning how modern authorization platforms simplify, and centralize management of access policies 
- The business case for policy-based, granular approach to data access and control

How Authorization Enables Data Compliance, Privacy, & Cross-Border Access

Join PlainID’s Lani Leuthvilay, Head of Product Marketing, and Mickey Martin, Director of Product Outreach in Episode 4, Talking AuthZ with PlainID about Policy-Based Access Control.  Together they will explain the fundamentals of Policy-based Access Control (PBAC) and its significance in modern security frameworks.  

During this session, dive into the core principles of PBAC, including:
- What is Policy-Based Access Control
- Why is Policy-Based Access Control Crucial to the Modern Business
- How PBAC overcomes the management and scalability challenges of RBAC and ABAC 

By attending this webinar, you will gain a clear understanding of how PBAC differs from traditional access control models and learn how to use effective policies to protect sensitive data and ensure regulatory compliance. Whether you are an IT professional, an IAM expert, a security architect, or a decision-maker responsible for safeguarding critical information assets, this webinar will provide you with practical insights and best practices to enhance your organization's access control strategy.

Policy-Based Access Control | What it is and why you can’t modernize without it

Struggling to effectively demonstrate the impact of authorization policy changes to your customers or showcase the value of Policy Based Access Control? Without the ability to effectively communicate the impact of these changes, you may face difficulties in engaging your customers and convincing them of the value and necessity of implementing new authorization policies. But worry no more!

Unlock the potential of the PlainID Policy Simulator in enhancing your customer interactions! Join PlainID's Paul Volosen, PlainID Sales Engineering, to learn how the PlainID Policy Simulator can enhance your customer interactions and help you better illustrate customer’s use cases.

During the session, we will dive into the key best practices to maximize the value of the PlainID Policy Simulator in your next customer engagements. The topics we will cover include:

- Basic demo flow using the simulator: Gain insights into how to seamlessly navigate and utilize the PlainID Policy Simulator. Discover its intuitive features and uncover the potential it holds for showcasing the relevance of your solutions.

- How to use the simulator to create an “Aha!” moment with your customers: Learn powerful techniques to captivate and impress your customers. Explore strategies that will leave them astounded by the effectiveness and practicality of your offerings.

Don't miss out on this opportunity to transform your customer interactions and demonstrate the true value of authorization policy changes.

Enhancing Customer Engagement: PlainID Policy Simulator Best Practices

In today's digital world, it’s plain to see that EVERYTHING is data. What is not plain — is how we protect that data. How you tell a data layer to protect data is different from how to tell microservices and API gateways how to protect data, which is different from how we protect data in the applications, but at the end of the day, it's all about who can do what, with what.

Join PlainID’s Mickey Martin, Director of Product Outreach, and Hub City Media’s Steve Giovannetti to talk about PlainID and the company’s ability to:

- Centralize authorization policies across the ecosystem
- Standardize our access control approaches
- Visualize your authorization map 

So it will finally become plain how we protect customer data and assets in every digital interaction. It’s all data, let PlainID worry about the enforcement.

Talking AuthZ with PlainID Episode 3: Centralize, Standardize, Visualize

Join PlainID’s Mickey Martin and IDMWORKS’ Nick Hunt to talk about how to better leverage risk tools throughout the ecosystem using PlainID, a Centralized Authorization Platform. Evaluating risk at time of authentication isn’t sufficient for good security posture, ecosystems and tech stacks must evolve to re-establish trust at every digital interaction. 

Learn how PlainID can help:
- Dynamically control and right size access based on identity and risk
- Consistently apply how risk is leveraged in every digital interaction
- Shrink or minimize exposure during breaches

Talking AuthZ with PlainID Episode 2: Leveraging Risk Tools in Authorization

Join us for our first AuthZ Product Webinar Series, Developers Design: Authorization in the Modern Architecture. 

Date: Thursday, April 6, 2023
Time: 12:00 pm - 1:00 pm ET (Eastern Time)
Online Event

Mickey Martin, Director of Product Outreach, and Vladi Berger, VP of Solutions Architecture will deep dive into designing architecture with authorization in mind. They will cover topics from the application to the database, and when and where to add in which types of authorization to best allow the types of access for users and non-user entities.

You will learn:
-  How authorization architecture furthers success in zero trust strategies
- Why centralized management means centralized viewing, auditing
-  How to utilize signals to de-authorize a user or session immediately stopping malicious activity

Developers Design: Authorization in the Modern Architecture

Join us for an open discussion between Chief Revenue Officer, Tom Ammirati, and Director of Product Outreach, Mickey Martin both from PlainID, where they will dive into the Project and Business Drivers they see that require Centralized Authorization.

Date: Thursday, March 2, 2023
Time: 12:00 pm - 1:00 pm ET (Eastern Time)
Online Event

Identity and Access Management has been a pillar in security for decades now; it has emerged, changed, and evolved many times over as the problems it solved grew larger and more complex. Identity Governance, Identity Providers, and Authorization Platforms are all required to deliver a secure identity practice. Authorization, like every piece of identity, enables the modern business, reduces risk, tightens security, and protects access to your digital assets.

Talking AuthZ with PlainID: Why Authorization? Why Now?

In this webinar, we’ll have an open discussion with Director of IAM Delivery from IDMWORKS, Nick Hunt, and Director of Product Outreach from PlainID, Mickey Martin, on the changing needs of authorization, market shifts, and how you can get a handle on this evolving space.

Date: Wednesday, February 1, 2023
Time: 12:00 pm - 1:00 pm ET (Eastern Time)
Online Event

With a changing application space, focusing on Identity and Zero Trust, and movement to cloud-hosted services, the traditional methods for authorizing users within applications are evolving.  Traditional methods of maintaining authorization lists are not scaling to support changing application and security needs.  This gives rise to the need for centralized, context-aware, authorization services, decoupling the authorization decisions from local applications into central business policy decisions and services. 

Agenda:
12:00 pm - 12:10 pm - Welcome - Overview
12:10 pm - 12:45 pm - A Fireside Chat on Dynamic Authorization
12:45 pm - 1:00 pm - Q&A, Wrap up

The Changing Authorization Space – A Fireside Chat on Dynamic Authorization

Join PlainID’s Director of Product Outreach Mickey Martin, along with The Cyber Hut's CEO and Research Analyst, Simon Moffatt, on December 6, for a webinar on Externalization of Authorization Policies - Build vs. Buy.

As the modern enterprise architecture demands a more decoupled and agile approach to authorization – existing access control deployments that are often tightly coupled and embedded within enterprise applications can no longer provide the needed level of agility, correct feature set and coverage for businesses.

Dynamic Authorization has become a critical component of the modern enterprise - delivering business agility via the flexible security of critical data and information assets.  Homegrown access control solutions are common across enterprises - either embedded within complex systems due to bespoke requirements or due to limitations of  CoTS providers. A modern approach is needed to gain better visibility and control of who has access to what resources. 

Join PlainID and The Cyber Hut to gain insights on how homegrown approaches compare to a platform approach. In the webinar, discussion topics will cover:

- Business Challenges of Authorization
- Externalizing Authorization with Policy-based Access Control
- Centralized Management and Distributed Enforcement 
- The Limitations of Homegrown Solutions 
- The Cost of Doing Nothing 

Agenda:
12:00pm - 12:10pm - Welcome - Mickey Martin, PlainID
12:10pm - 12:30pm - Externalization of Authorization Policies - Build vs. Buy Challenges and Solutions - Simon Moffatt, The Cyber Hut
12:30pm - 12:50pm - PlainID Next Generation Authorization Overview, Mickey Martin, PlainID
12:50pm - 1:00pm - Q&A, Wrap up

Externalization of Authorization Policies - Build vs. Buy

This is the third part of the “Authorization Policy enforcement in Service Mesh” webinar series. 

In the previous talks, we’ve first covered the foundations of managing authorization for micro-services, then delved into the topic of entitlement injection.

In this talk, the third in the series, we'll be discussing data filtering in the service mesh. More specifically, the ways in which the policy decision sidecar can support your micro-service in enforcing access with a large amount of data.

The series is hosted by PlainID's co-founder Gal Helemski, and by our Senior Solution Architect Vladi Berger. As before, this talk will be accompanied by a live demonstration, and there’ll be time for Q&A.

If you haven’t yet, do feel free to check out the first two talks in the series, available below via the list of related talks.

PlainSense: Authorization Policy Enforcement in Service Mesh - Part 3

Authorization

Governance

RBAC

pbac

ABAC

Policy Based Access Control

Access Management

Access control

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

PlainSense: Authorization Policy Enforcement in Service Mesh - Part 3

Presented by

About this talk

More from this channel