The Authorization Kessel Run
So . . . everyone take a nice deep breath—especially those of you who completed the recent identity conference / authZ Kessel Run. It’s not often that identity events wind up being back to back (ed note: is that actually true? somebody look it up for me), but Identiverse and EIC back-to-back took some serious energy.
The previous edition covered most of the sessions that were looming at EIC, so refer to those for reference on what took place. The interop went well on Friday and was attended by an engaged and highly enthusiastic crowd:
Some fashion choices were slightly more questionable (or on-message, depending on your point of view):
In the News / Articles of Note
CAEP, the “R” in ITDR - blog by Atul Tulshibagwale
Snowflake held their conference amidst the reports about their recent incident.
Mergers & Acquisitions & Associated Items
Notable Capital published it’s new “Rising in Cyber,” an inaugural list recognizing the “most innovative startups in cybersecurity.”
~$1B acquisition for open-source data access layer Tabular by Databricks, in part for its data lake RBAC features
No longer possible to acquire: “Cards Against Identity 2024”
Already acquired: IdentiBeer and AuthoriBeer 2024.
Upcoming Events
Rocky Mountain Information Security Conference: (RMISC) June 11, 2024
Sessions Include:
Cybersecurity Lessons from Jurassic Park by Rohit “Leo” Satpathy (The PC Security Channel) One of the fun sounding talks there is based on this video, Cybersecurity Lessons from Jurassic Park
Tier Zero: Applying Modern Security to Legacy Identities by Matthew Vinton (Quest Software)
about securing Active Directory authorization
Deconstructing AWS Intrusions: Attack, Detect, Defend by Ryan Thompson
reminiscent of flAWS.cloud
EHP: A New Sheriff in Town - Regulation and Oversight of APIs by Karl Mattson (Noname Security)
any relation to EHP as in healthparliament.eu? Or, for existing US bank regulations for API AuthZ? (blog)
Enabling Automated Security Control Validation with Tommyknocker by Jeremy Banker (loredous) referring to the open-source tommyknocker
Deploy Identity-based Zero Trust by Chris Sanders
Navigating the Impact of CMMC 2.0 on DoD Contractors by Anders Erickson (Eide Bailly LLP)
AppSec Days Pacific Northwest Conference Jun 15, 2024
fwd:CloudSec June 17, 2024
Cloud Security Alliance (CSA)
running sponsored surveys on
Non-Human Identities (NHI) due Jun 18, 2024
State of Multi-Cloud Identity due Jun 14, 2024
There’s also a CFP out for SECtember.ai (CSA) due Jun 28, 2024, and the event starts Sep 10, 2024
After a tumultuous fortnight (and yes, I just wanted to use the word “fortnight”), it’s time to get some rest, get hydrated, and prepare for the next run in the trench this coming fall.