Speakers: Tim Cappalli, Identity Standards Architect, Microsoft; Atul Tulshibagwale, CTO, SGNL; Annabelle Backman, Principal Security Engineer, Amazon Web Services; Shayne Miel, Principal Engineer, Cisco; Karl McGuinness, Chief Architect, Product, Okta; Nafis Zebarjadi, Product Manager, Google Cloud Security
Date: Wednesday, June 22, 2022
Location: Denver, CO

Description: To effectively secure a zero-trust environment, multiple vendors’ systems must cooperate to convey the latest information about user accounts and sessions. Open standards are critical to achieving this interoperability. Initial standards proposals that address this, such as the Continuous Access Evaluation Protocol (CAEP), have progressed rapidly through the OpenID Shared Signals and Events (SSE) working group in the last two years. The generalized SSE Framework and its application to zero-trust, the Continuous Access Evaluation Profile, have been recently adopted as implementers’ drafts by the OpenID Foundation. Its account security profile, the Risk Incident Sharing and Coordination (RISC) Profile, is currently under review. These standards have been implemented in part by leading tech vendors.

Join this session to hear from industry leaders on how these standards are helping improve security for their customers in a zero-trust world. Panelists have either implemented the standards in production or are actively working on implementations that are in advanced stages of development, or have contributed to the standards development. The panel will also discuss why these standards are important to them; maturity level of the standards; their experience in implementation and tips and tricks for newer implementers for easy deployment and adoption of these standards in their environments.