A Guide to Securing Cloud Access with CAEP
The lack of interoperability in zero-trust products is hurting adoption and is a big factor in organizations not being able to achieve their security goals through existing products. Those who claim success have cobbled together solutions using proprietary protocols and niche implementations that only address a small spectrum of the problem space. Open standards that enable continuously monitored context based access to online resources can help existing products interoperate.
In this joint webinar hosted by the IDSA and OpenID Foundation, we’ll discuss a new standard that is being developed in the OpenID Foundation SSE (Shared Signals and Events) working group. CAEP (Continuous Access and Evaluation Profile) is a drastically new approach to cybersecurity that utilizes a user’s complete online footprint collected through a collaborative exchange of events and signals between multiple participating parties. Recognized by Gartner as an “innovation trigger” technology in their 2022 Digital Identity Hype Cycle, CAEP has been adopted by companies like Microsoft, exchanging millions of SSE events every day.
More on CAEP, RISC and the Shared Signals and Events Working Group at https://openid.net/wg/sse/
What You Will Learn:
- How CAEP can increase the level of online security for users, identity providers, and service providers alike.
- How CAEP can help achieve identity security best practices and outcomes.
- What you can do to help accelerate the adoption of CAEP.
Who Should Attend:
- Strategy and thought leaders looking at ways to support Zero Trust.
- Security architects responsible for architecture and implementation of identity and security systems.
- Identity and security vendors who want to increase security of their offerings.
Note: The IDSA is an approved (ISC)2 CPE Submitter Partner. To receive CPE credits, submit the viewing certificate to (ISC)2 or submit your information. Make sure to check out our other identity-centric security webinars from leading identity and security experts.
Director of Technology, Thales
Asad Ali is a technologist at Thales with 25 years of experience, and a track record of technical innovation, research, development, team management and product delivery in the digital security space. He currently serves in the CTO office of Thales cyber-security business unit, and has been an evangelist for company-wide adoption of user-centered design and usable security framework. He has also represented Thales in technology Standards bodies (W3C, OpenID Foundation), industry technology alliances (CSA, IDSA), and academia outreach programs. He holds 10 patents and has over 40 publications in peer-reviewed technical journals and international conferences. Mr. Ali received a Master’s degree in Engineering from MIT.
Director of Strategy and Standards, SailPoint
Mike Kiser is insecure. He has been this way since birth, despite holding a panoply of industry positions over the past 20 years—from the Office of the CTO to Security Strategist to Security Analyst to Security Architect—that might imply otherwise. In spite of this, he has designed, directed, and advised on large-scale security deployments for a global clientele. He is currently in a long-term relationship with fine haberdashery, is a chronic chronoptimist (look it up), and delights in needlessly convoluted verbiage. He speaks regularly at events such as the European Identity Conference and the RSA Conference, is a member of several standards groups, and has presented identity-related research at Black Hat and Def Con. He is currently the Director of Strategy and Standards at SailPoint Technologies.”
Atul is the CTO of SGNL, the leading developer of modern enterprise authorization solutions. Atul is an enterprise identity expert and the inventor of the Continuous Access Evaluation Protocol (CAEP). He was most recently a software engineer at Google, where his seminal blog post kicked-off the industry-wide movement that culminated in the OpenID Foundation’s Shared Signals and Events (SSE) Framework, and Continuous Access Evaluation Profile draft specifications. He is also a co-chair of the OpenID Foundation’s SSE Working Group. At Google he led the development of the BeyondCorp API, a critical part of Google’s BeyondCorp zero-trust solution. Previously, Atul was a co-founder and the CEO of Trustgenix, a federated identity pioneer that was acquired by HP. Trustgenix contributed to the development of federated identity standards such as SAML 2.0 and the Liberty Alliance Framework.
Identity Management Day: How to Get Involved
February 28th, 2023, 9:00am PT/12:00pm ET
Helping Organizations Succeed in an Identity-Centric Security World
February 23rd, 2023, 9:00am PT/12:00pm ET