In this special Halloween edition of the KuppingerCole Analyst Chat, Matthias Reinwarth is joined by Jonathan Care, Lead Analyst at KuppingerCole Analysts, to explore one of the most talked-about cybersecurity stories of the year — the F5 supply chain incident.

The discussion highlights how even well-established organizations can become targets of sophisticated, long-term attacks — and what this means for the future of software supply chain security.

Together, Matthias and Jonathan examine how incidents like this can happen, what lessons can be learned across the industry, and how companies can strengthen resilience, transparency, and response capabilities in their own environments.

Key topics covered:

✅ Understanding the dynamics of modern supply chain attacks ⚠️
✅ Why detection and dwell time remain a major industry challenge
✅ The growing importance of vendor risk and software transparency
✅ Lessons learned for CISOs and IT leaders
✅ Practical measures to improve visibility and response
✅ Why collaboration and information sharing are key to resilience

🕸️ Even trusted systems can hide a few ghosts — are you ready to uncover yours?

Unlock invaluable insights into cyber resilience by exploring real-world examples of organizations rebounding from cyber incidents. Gain strategies to safeguard operations, enhance data resilience, and leverage clean rooms and cloud solutions for recovery. Learn how to transform cyber threats into opportunities for improvement and fortify your organization's digital landscape with adaptive resilience strategies.

Read the original blog post here: https://www.kuppingercole.com/blog/small/cyber-resilience

Is your IAM strategy focused too much on tools? In this episode of the KuppingerCole Analyst Chat, Matthias Reinwarth and Patrick Teichmann, Lead Advisor at KuppingerCole, dive into one of the most common pitfalls organizations face: starting IAM projects with the wrong priorities.

They explore how a Target Operating Model (TOM) helps define why and how your IAM should work before deciding on technology. Patrick shares insights from real projects, explaining how to align business goals, processes, and governance to achieve long-term success.

Key Topics Covered:

✅ Why IAM projects often fail due to tool-first thinking
✅ How a Target Operating Model sets the foundation for IAM success
✅ The role of governance, people, and processes in effective IAM
✅ Real-world examples of aligning strategy and technology
✅ How to evaluate tools after defining your IAM capabilities

Are AI agents the future of cybersecurity or a threat to human expertise? In this episode of the KuppingerCole Analyst Chat, Matthias Reinwarth talks with Alexei Balaganski, Lead Analyst and CTO at KuppingerCole, about the rise of AI agents and their potential to reshape the cybersecurity landscape.

They explore how autonomous AI systems could fill the cyber skills gap, automate incident response, and even act as digital coworkers in SOC environments. But how far can we trust them—and will humans still have a place in the loop?

Key topics covered:

✅ What AI agents really are—and how they differ from traditional automation
✅ The role of AI in SOCs, incident response, and threat detection
✅ Can AI agents help close the cybersecurity skills gap?
✅ Risks of rogue or “hallucinating” AI systems
✅ Why access governance and identity management are critical for AI agents
✅ The future of cybersecurity jobs in the age of automation

Are we already living in a post-data privacy world?

Breaches are everywhere, data is constantly being leaked, and GDPR fines haven’t stopped surveillance capitalism or shady data brokers. In this episode of the Analyst Chat, Matthias Reinwarth is joined by Mike Small and Jonathan Care to explore whether privacy still has meaning — or if resilience and risk management are the only ways forward.

They debate:

✅ Is privacy truly dead, or just evolving?
✅Why regulations like GDPR often miss the mark ⚖️
✅How cyber resilience is becoming more critical than “traditional” privacy
✅The personal, societal, and legal dimensions of privacy
✅What organizations (and individuals) can still do to protect data

Ghost tapping is shaking up the payment security landscape, turning stolen card data into quick profit through NFC relay fraud. This emerging threat exploits digital vulnerabilities, making unauthorized taps at retail points seamless and undetected. Businesses and regulators must urgently rethink their defenses against this global attack vector that crosses digital and physical boundaries.

Read the original blog post here: https://www.kuppingercole.com/blog/ashford/ghost-tapping-a-new-front-in-identity-security-risk

Are KPIs and KRIs just compliance checkboxes, or can they truly prove the value of Identity and Access Management (IAM)? In this episode, Matthias Reinwarth and senior advisor Shikha Porwal explore how Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) can transform IAM from a technical function into a business enabler. They unpack the differences, the overlap, and how to make metrics relevant to both security and strategy. Expect real-world examples—from onboarding to MFA adoption—that show how measurement drives maturity and risk reduction.

Key Topics Covered:

✅ KPIs vs KRIs in IAM: what they are and how they differ
✅ Aligning IAM metrics with business goals and governance
✅ Onboarding & offboarding metrics for efficiency and risk reduction
✅ MFA adoption and help desk tickets as signals of IAM maturity
✅ Developer enablement and API adoption as success factors
✅ Mapping IAM indicators to risk frameworks and security posture
✅ Adapting KPIs/KRIs for non-human identities (NHI)

💡 If you’re working in IAM, identity governance, MFA strategy, or security architecture, this discussion will help you build meaningful metrics that prove value and strengthen your identity program.

Are IVIPs truly a new platform that organizations must adopt, or are they just old capabilities rebranded with fresh marketing spin? Today, Matthias Reinwarth and Martin Kuppinger dig into the latest acronym shaking up the IAM world: IVIP (Identity Visibility & Intelligence Platforms). We unpack the promises, the risks, and what IVIP really means for the Identity Fabric concept. Expect a critical take on buzzwords, vendor strategies, and what enterprises actually need to strengthen IAM maturity.

Key Topics Covered:

✅ What IVIP actually is and how it fits into IAM
✅ The connection between IVIP and the Identity Fabric approach
✅ Risks of marketing buzzwords in identity management
✅ When a new platform really brings value—and when it doesn’t
✅ What organizations should focus on instead of chasing hype

💡 If you’re working in identity, access governance, ITDR, IGA, or security architecture, this conversation will help you decide whether IVIP deserves a place in your roadmap—or if it’s just hype.

Identity and Access Management (IAM) is no longer a one-off project—it’s an ongoing journey. In this episode of the KuppingerCole Analyst Chat, Matthias Reinwarth is joined by Christopher (CISO & Lead Advisor) and Deniz Algin (Advisor) to explore how organizations can successfully apply the Identity Fabric concept.

How to evolve from legacy systems to a future-proof IAM strategy without breaking existing operations? Why interoperability matters? What are the most common pitfalls organizations face when trying to modernize IAM? Find the answer to these questions and more in this episode!

Key Topics Covered:

• Identity Fabric explained through a powerful “airport” analogy ✈️
• How to design IAM programs in brownfield environments (no rip & replace)
• Capability-driven approach vs. tool-driven decisions
• Risk-based prioritization: quick wins, big wins & roadmaps
• Common pitfalls to avoid when modernizing IAM

💡 Whether you’re just starting your IAM journey or looking to operationalize interoperability at scale, this episode is packed with practical strategies and lessons learned.

DDoS attacks are evolving and becoming more dangerous than ever. In this video, Osman Celik speaks with Andrey Leskin from QRator Labs about the current DDoS attack landscape and how organizations can defend themselves.

You’ll learn:

• What DDoS attacks are and how they work across layers 3, 4, and 7
• Why Layer 7 (application-layer) attacks are the fastest-growing and hardest to detect
• How attackers are building massive botnets (millions of compromised devices)
• Real-world DDoS incidents hitting FinTech, e-commerce, and media sectors
• The differences between scrubbing capacity and PoP proximity in mitigation
• How QRator Labs approaches DDoS protection with scrubbing, anti-bot, and WAF solutions

With Layer 7 attacks rising by 74% year-over-year and record-breaking volumetric attacks now lasting weeks, no industry can afford to ignore this threat.

Watch now to understand how to protect your business from DDoS, botnets, and evolving cyber threats.

In this episode of the KuppingerCole Analyst Chat, Matthias Reinwarth is joined by Martin Kuppinger and special guest Felix Gaehtgens to explore two of the hottest (and most debated) topics in identity today: Identity Threat Detection & Response (ITDR) and Non-Human / Machine Identities (NHI).

Together, they gothrough the buzzwords to reveal what’s real, what’s hype, and how organizations should approach these fast-evolving areas of IAM. From visibility vs. observability, to governance challenges and the future of machine identity management, this episode delivers sharp insights and practical recommendations from three IAM veterans.

So tell us — are ITDR and NHI just marketing buzzwords, or essential must-haves for modern identity security?

Key topics covered:

• ITDR explained: buzzword or meaningful evolution in IAM?
• Why visibility and observability are not the same
• The missing “R” in detection & response
• IAM vs. SOC responsibilities for ITDR
• Machine identities: terminology, challenges, and governance
• Ephemeral vs. static machine identities
• How IAM teams can prepare for the future of identity security

In this episode of the KuppingerCole Analyst Chat, Matthias is joined by Charlene Spasic and Kai Boschert to break down what real IAM maturity means. They explain why structured frameworks like the KuppingerCole Identity Fabric and Reference Architecture are critical, and how organizations can move beyond tools to focus on capabilities, governance, and business alignment.

So tell us, is your IAM program truly mature—or just a checklist of tools?

Key Topics Covered:

• Why IAM maturity starts with capabilities, not tools
• How to assess your current IAM status quo
• The role of identity lifecycle management & governance
• Common IAM challenges and gaps organizations face
• Why step-by-step progress beats “big bang” projects

💡 If you’re looking to strengthen your IAM foundation and align it with business priorities, this episode is for you.

The fraud landscape has been rocked by a seismic shift—obsolete security systems no longer stand a chance. Enter FRIPs, the revolutionary platforms transforming identity verification and transaction security. As fraudsters evolve, only enterprises leveraging these advanced defenses will thrive. Can your business afford to lag behind in this high-stakes IT arms race?

Read the original blog post here: https://www.kuppingercole.com/events/ifid2025/blog/how-frip-weaponizes-identity-fabrics-the-security-revolution-hiding-in-plain-sight

In this practical episode of the KuppingerCole Analyst Chat, Patrick Teichmann joins Matthias Reinwarth to address a surprisingly common organizational issue: IAM teams being tasked with solving everything.

From HR data gaps to legacy tool cleanup and cross-department handovers — IAM teams often inherit work that isn’t truly their responsibility. This episode is a call to realign IAM strategy with clear ownership, realistic boundaries, and strong service delivery.

In this conversation:

• Why not everything is an IAM problem
• Common traps: onboarding issues, ownership gaps, tool clutter
• How to set boundaries without damaging collaboration
• Using operating models and RACI matrices to define IAM’s real scope
• Why focusing your IAM team improves service quality and security
• How to justify saying “no” — with strategy to back it up
• Preparing for IAM scalability, sustainability, and new regulations

Key takeaway: Sharpening your focus as an IAM team isn't about doing less — it’s about doing what matters most, better.

In this episode of the KuppingerCole Analyst Chat, Martin Kuppinger joins Matthias Reinwarth to dive deep into one of the most overlooked but critical areas in identity and security: non-human identities (NHI) and workload secrets. As cloud-native development and AI-driven workloads grow, so does the complexity of managing machine identities. With AWS now supporting long-lived API keys for generative AI, this episode explores why that's a risky move — and what a modern, secure, and developer-friendly alternative looks like.

In this episode, you'll learn:

• Why workload identities must be treated as privileged
• How long-lived secrets expand your attack surface
• Why “balancing convenience vs. security” is a false choice
• How to apply ephemeral secrets and ITDR signals
• The role of SPIFFE/SPIRE, policy-as-code (OPA), and automation
• Why developers shouldn’t own security — and what IAM must do instead
• How attackers use AI to hunt your leaked secrets
• What organizations must do to secure NHI at scale

Key takeaway: Security must be built around short-lived secrets, automation, and clear separation between identity, secrets, and entitlements — especially for workloads and AI agents.

In this episode of the KuppingerCole Analyst Chat, Warwick Ashford joins Matthias Reinwarth to explore a hidden but growing risk: third-party access to your systems.

Third-party contractors, suppliers, and partners often have access to internal systems — but lack the same governance, oversight, and security controls as employees. This episode explores why Third-Party Access Governance (TPAG) is now a strategic security priority, not just a technical integration.

What we cover:
✅Why third-party identities now outnumber employees in many orgs
✅The governance gap: no HR triggers, lifecycle oversight, or certifications
✅How traditional IAM systems fail to manage external access
✅The role of the Identity & Security Fabric in enabling TPAG
✅Regulatory drivers (DORA, NIS2, CMMC) making this a board-level issue
✅Core capabilities of modern TPAG solutions
✅Practical first steps for building a third-party access governance strategy

Explore how the Oracle Database@AWS collaboration eliminates multi-cloud compromises, integrating Oracle's capabilities within AWS to enhance security, performance, and compliance. Learn how this partnership enables businesses to lift and shift existing workloads easily, leverage AI automation, and achieve rapid data integration, all while maintaining enterprise-grade security and scalability.

Read the original blog post here: https://www.kuppingercole.com/blog/balaganski/oracle-databaseaws-combining-the-best-of-both-clouds

In a groundbreaking move, Palo Alto targets a $25 billion acquisition of CyberArk, poised to reshape identity security landscapes. As two cybersecurity giants converge, explore this narrative of strategic synergy versus the challenge of seamless integration. With potential market upheaval at stake, the acquisition promises to redefine the rules of identity security.

Read the original blog post here: https://www.kuppingercole.com/blog/leal/palo-alto-cyberark-a-strategic-expansion-into-identity-security-but-with-questions

In this episode of the KuppingerCole Analyst Chat, host Matthias Reinwarth welcomes Martin Kuppinger, Founder and Principal Analyst at KuppingerCole, to discuss the evolution of the Identity Fabric. Originally introduced as a visual tool in 2017–2018, the Identity Fabric has matured into a foundational framework for modern identity and access management.

The conversation covers the motivations behind its creation, its flexibility in addressing various identity types, and its role in simplifying complex IAM architectures. Martin also explains the rationale for a leaner version of the model, aimed at executive stakeholders, and offers a glimpse into the forward-looking Identity Fabric for the 2040s.

In this episode, you’ll learn:
✅Where the Identity Fabric concept began
✅Why a leaner version is needed — and who it’s for
✅How to pitch Identity Fabric to C-level decision makers
✅What the 2040s might look like for IAM
✅How organizations and vendors alike are using this model today

Whether you're deep in IAM or just starting to align your strategy, this episode breaks down how to communicate complex identity concepts more clearly.

In this episode, Matthias Reinwarth is joined by Alejandro Leal, Senior Analyst at KuppingerCole Analysts, to discuss the strategic shift toward Identity Fabrics in modern IAM. Alejandro outlines the challenges posed by fragmented IAM architectures and the growing diversity of digital identities.

The conversation explores how the Identity Fabric model enables organizations to build cohesive, adaptive identity infrastructures that integrate existing tools while providing observability and actionable insights. They also examine the importance of integration, modularity, and policy enforcement across identity silos. The episode concludes with practical steps for building a future-proof IAM strategy.

We dive into:

• Why traditional IAM is failing
• What Identity Fabric really means (and what it’s not)
• How it supports every identity type — human or machine
• The critical role of observability & actionable insights
• How to balance legacy tools with agile innovation
• Where to start your implementation — without a big bang

Identity is now a strategic business function — and Identity Fabric is how to operationalize it.