Iam Webinars

Discover Security Events in Iam

Get Iam Event Alerts!

Receive industry alerts, sponsorship, speaking opportunities, ticket discounts and a lot more!

Subscribe

IAM (Identity and Access Management): Current Status

Identity and Access Management has evolved from basic user provisioning into a comprehensive security discipline that governs digital identities, controls access to resources, and serves as the foundation for zero-trust architectures. As organizations embrace cloud services, remote work, and partner ecosystems, IAM has become critical for securing the modern, perimeter-less enterprise.

Zero Trust and Identity-Centric Security

IAM has shifted from perimeter-based access control to identity-centric security models where identity serves as the new security perimeter. Zero-trust architectures mandate continuous verification of user identity, device posture, and contextual factors before granting access to resources. Organizations are implementing sophisticated authentication mechanisms including multi-factor authentication (MFA), passwordless authentication, biometrics, and risk-based adaptive authentication that adjusts security requirements based on access context and behavior patterns.

IAM as GRC Enabler

IAM supports governance, risk, and compliance objectives by providing auditable access controls, separation of duties enforcement, and automated access reviews (wwt.com). The relationship between GRC and IAM creates synergy enabling organizations to align access policies with governance frameworks while demonstrating regulatory compliance (identitymanagementinstitute.org).

Modern IAM Challenges

Organizations struggle with managing identities across hybrid environments, reconciling disparate identity stores, and governing non-human identities including service accounts and API keys. Privileged access management, identity lifecycle automation, and access governance remain complex undertakings requiring specialized platforms and expertise. The proliferation of SaaS applications has created identity sprawl, while legacy systems complicate integration efforts.

All Upcoming Cybersecurity Events

All security events are automatically streamed into this table on a daily basis.

18th December 2025 | Workload Identity 101: What Every Security Team Needs to Know

This webinar explains why traditional PAM tools designed for human identities fall short when applied to fast moving machine workloads. The session covers real challenges seen in enterprise environments, including static credentials in code, identity silos, overly permissive service accounts and limited visibility into workload activity. Attendees will learn why these gaps grow as machines scale far beyond human users.

The presentation introduces the core concepts of workload identity and explains how the SPIFFE standard supports secure and automated authentication for dynamic environments. The speakers will show how trust domains, attestation and short lived identities reduce the risk of leaked secrets and strengthen access control across on premises and cloud workloads. The session also highlights how automation and standard APIs simplify authentication for developers and improve operational security at scale.

Company_Webinar • Part of CyberArk

_flag

2nd December 2025 | Closing SaaS Security Gaps: Protect Sessions Beginning to End

Most attacks don’t happen at the login screen—they happen inside your SaaS apps. If you can’t see what users are doing in real time, you’re exposed to risk. Blind spots lead to data leaks, compliance slip-ups, and insider threats.

Join CyberArk’s webinar to learn how Secure Web Sessions (SWS) gives you agentless monitoring and instant protection—no productivity trade-offs.

You'll get:

Clear ways to spot SaaS security gaps and stop session-based threats Tools for compliance: searchable session records on demand Real-time defense layered in without messing with users Practical steps to cut risk and build confidence across your SaaS stack Register now to turn visibility into control and protect every session.

Online • Part of CyberArk

_flag

18th November 2025 | Secrets Management Horror Stories from the Field: Four Security Pitfalls to Avoid

The recent Shai-Hulud npm worm shows how fast an initial compromise can spread when secrets are poorly managed. After gaining access, the malware used tools like TruffleHog to harvest hardcoded tokens and credentials, then escalated laterally through packages, pipelines, and cloud accounts. It’s a vivid reminder that without strong policies, decentralized secrets management fuels the blast radius of attacks.

From hands-on work with customers, our security services team has identified four practices that put organizations most at risk:

  • Shared access across teams – one secret or account reused across multiple workloads.
  • Poor Kubernetes namespace definitions – mixing dev, test, and prod without clear boundaries.
  • Pipelines under a single identity – Jenkins or Ansible jobs running with unrestricted privileges.
  • One cloud account or platform for everything – concentrating risk into a single identity plane.
  • For each, our security services team will share real-world stories of how attackers exploit these practices, and the field-tested solutions that leading organizations are adopting to fix them. You’ll learn why the true risk isn’t just the secret, but the identity behind it—and how centralizing secrets management reduces blast radius, improves visibility, and scales securely without disrupting developers.

You will learn:

  • How poor secrets practices enable lateral movement and breach escalation.
  • Four real-world pitfalls we see in customer environments—and proven ways to fix them.
  • How centralization strengthens governance, audit readiness, and resilience.

Online • Part of CyberArk

_flag

13th November 2025 | The $2.8 billion problem: How to stop business email compromise

Microsoft 365 and Google Workspace are the backbone of most organizations, but they’ve also become prime targets for attackers as endpoint defenses become stronger. According to the FBI’s 2024 IC3 Report, Business Email Compromise (BEC) accounted for $2.77 billion in reported losses, making it one of the costliest types of cybercrimes today.

Despite their native security tools, protection across these SaaS platforms often remains fragmented, leaving users and data dangerously exposed.

In this session, you’ll:

  • See MFA bypassed in real time: Watch a demo showing how token theft easily circumvents MFA and grants attackers full access.
  • Identify critical weaknesses: Learn why relying solely on Microsoft 365 or Google Workspace’s built-in protections leaves dangerous blind spots.
  • Explore a unified defense: Discover what a comprehensive SaaS security strategy looks like — one that closes gaps across both platforms.

Online • Part of Kaseya

_flag

6th November 2025 | The Future of Privilege: One Platform, Every Environment

Privileged Access Management (PAM) is the cornerstone of identity security. And modern infrastructure - cloud workloads, containers, SaaS apps, and developer-led environments - requires more. The same principles that safeguard long-lived systems must now extend seamlessly to dynamic, short-lived resources.

Join CyberArk as we reveal the Future of Privilege: how proven PAM foundations and modern access controls come together in one platform, designed for today’s hybrid enterprise.

You'll learn how to:

Unify privilege security everywhere – Protect both long-lived systems and modern, ephemeral infrastructure in a single platform Apply PAM principles to modern resources – Extend the same trusted controls to cloud-native, SaaS and developer-driven environment Reduce risk without slowing down – Eliminate unnecessary standing privileges while enabling secure, frictionless access for teams

Online • Part of CyberArk

_flag