Name: Crypto-Agility Automation: Preparing for Google’s 90-Day TLS Validity Proposal
Start: 2023-07-27T16:00:00Z
End: 2023-07-27T16:00:41.000Z
Location: BrightTALK

This channel brings together the leading identity and security vendors and industry experts to regularly educate security leaders on how to reduce risk through identity-centric strategies. For more resources and education on identity-centric security strategies, visit www.idsalliance.org.

As AI agents grow more autonomous, from initiating workflows, accessing sensitive data, to making decisions in real time, they challenge the core assumptions of traditional identity and access governance. In this session, Miguel Furtado explores how AI shifts the perimeter from identity to intent, and why modern IAM strategies must evolve to continuously evaluate agent behavior, authorization scope, and data access patterns. We’ll discuss what defines a true agentic AI, how intent-aware governance can fill today’s visibility and control gaps, and what practical steps can be taken to secure non-human identities and AI agents today. If identity is the control plane of the modern enterprise, intent is its next policy layer.

Rethinking IAM with Intent:  Identity Governance in the Age of AI

Standing access is a time bomb—and yet, in most orgs, it’s still the default. Developers are over-permissioned just to avoid ticket delays. Access reviews live in spreadsheets. Security teams are buried in manual cleanup and audit prep. And the patchwork of point tools meant to help? They rarely scale—or align with how your teams actually work. This session is for the teams who are asking: Is what we’re doing even working anymore? We’ll walk through a practical, field-tested approach to implementing Just-in-Time (JIT) access—starting with what you already have, proving value with one team, and scaling without creating friction.

From Tickets to Trust: How to Roll Out Just-in-Time Access without Slowing Down Engineers

Credential theft, malicious insiders, orphaned accounts—identity-based attacks have become the leading cause of breaches, while regulatory pressures demand continuous proof of security controls.

Modern Identity Governance and Administration (IGA) has evolved from cumbersome, compliance-driven implementations into streamlined, automated defense systems that safeguard enterprises at scale.

In this webinar, Omada Field Strategist Thomas Müller-Martin will reveal the 5 IGA Essentials to Strengthen Your Cybersecurity Strategy, a proven framework for transforming identity governance from reactive compliance to proactive threat prevention.

What you’ll learn:
-Recognize today’s most critical identity threats and their real-world impact on regulated enterprises
-Master the 5 IGA Essentials that enhance cybersecurity posture while simplifying operations
-See how modern IGA solutions automate threat detection, enforce least privilege, and scale across complex global environments

Join us to discover how leading organizations leverage these essentials to prevent breaches, maintain continuous compliance, and protect their most critical assets without sacrificing business agility.

The Cybersecurity Fast Track: 5 IGA Essentials to Reduce Risk

As AI adoption accelerates across organizations, traditional security approaches focused solely on license management and non-human identities are missing the bigger picture. This webinar explores a comprehensive framework for AI security that recognizes the full spectrum of AI identities in your environment, from AI users and builders to AI agents, and provides actionable strategies for discovery, protection, and defense.
We'll examine how AI security can be looked at through an identity security lens and demonstrate how runtime intelligence reveals dramatically more AI usage than static configuration approaches. Attendees will learn practical methodologies for inventorying their complete AI footprint, identifying risky access patterns, and implementing high-fidelity detection capabilities that enable faster SOC response.

AI Users, Builders, and Agents: Securing the Next Generation of Identities

By March 2026, public TLS certificate lifespans will halve—and eventually shrink to just 47 days by 2029—driving urgent change in how organizations manage certificate renewals, and ultimately, digital trust. TLS certificates are the machine identities that underpin secure communication on the internet. Manual certificate tracking at the scale demanded by 47-day renewals simply won’t be feasible. And without automation, shortened lifecycles increase the risk of outages and compliance failures. Now is the time to implement a modern, automated certificate management strategy to safeguard trust, ensure compliance, and keep pace with the internet’s accelerating demands. You'll leave the session with practical guidance on how to:
- Modernize your certificate lifecycle management with scalable automation
- Align risk communication across technical teams, leadership, and the board
- Budget for the transition and articulate the cost of inaction
- Prepare your infrastructure for continuous 47-day renewal cycles, essential for public PKI and increasingly valuable for internal systems

From Chaos to Control: Automating Machine Identity Security Before the 47-Day Certificate Deadline

Salt Typhoon proved that attackers are exploiting identity blind spots in the network layer to bypass controls and move laterally. This session explores how traditional PAM and NAC tools leave routers, switches, and firewalls exposed, and why identity-first security must extend beyond IT systems. We’ll break down the attack path, highlight key lessons from Salt Typhoon, and show how applying Zero Trust principles at the network layer can stop similar breaches before they start.

Zero Trust Falls Short Without Network Identity: Lessons from Salt Typhoon

A single stolen password can bring your business to its knees — unless you can recover in hours, not days. The first 72 hours after a credential breach determine whether you contain the incident or face a full-scale crisis. Regulatory mandates, cyber insurance requirements, and customer trust all demand rapid recovery, yet many enterprises still rely on password management processes that take days. This session introduces a vendor-neutral, identity-first framework for 72-hour recovery, covering detection, containment, and large-scale access restoration while ensuring compliance. You’ll leave with a clear, adaptable roadmap to strengthen resilience, minimize downtime, and align identity practices with today’s threats. Identify the compliance, insurance, and business pressures driving the 72-hour identity recovery window. Master the critical steps for rapid detection, containment, and large-scale credential restoration. Avoid the hidden process and technology gaps that turn hours into days. Measure your organization’s recovery readiness against industry best practices — and know how to close the gap.

72-Hour Recovery Plan for Enterprise Password Management

Learn how your organization can join Cybersecurity Awareness Month this October. This webinar will walk you through the 2025 campaign theme, key messages, and the suite of free resources available to help you raise awareness within your organization and beyond. From simple social media posts to full-scale internal awareness campaigns, this session will equip you with the knowledge and materials you need to make an impact in your organization.

Attendees will learn:
• The ready-to-use tools and templates available to support your campaign
• Creative ideas for engaging employees and building a culture of cybersecurity
• Tips for aligning your campaign with the broader national effort

How to Get Involved in Cybersecurity Awareness Month

As identity becomes the new security perimeter, the urgency to modernize identity governance is growing but evaluating IGA solutions can be complex, especially with evolving cloud architectures, regulatory demands, and rising security expectations.

In this practical session, Omada will walk through a framework for evaluating Identity Governance & Administration (IGA) solutions, grounded in real-world RFP guidance. You’ll learn how to frame your requirements, identify deal-breakers early, and ask the right questions to avoid costly missteps.

Attendees Will Learn:
• Key considerations for choosing a modern IGA solution (scalability, integration capabilities, usability etc.)
• Practical insights for comparing vendors
• Must-ask evaluation questions to uncover platform maturity and vendor fit
• Tips for selecting the right solution for your organization

Whether you're planning a formal RFP or assessing your current solution, this session will help you take a structured, security-aligned approach to choosing a modern IGA platform.

Evaluating IGA Solutions: Questions to Ask in Your RFP

Since we always lack budget and resources then what's the strategy? We can't do it all but there is an approach that will help you meet today’s security challenges whether you have a team or not.

This session digs into this security strategies, both practical and controversial, and a lot more as Den Jones, Founder & CEO at 909Cyber, provides some proven tested strategies that help thwart today's attacks.

What's Your Security Strategy?

Machine identities—from service accounts to cloud secrets—are exploding in number. Yet most compliance programs can’t keep up. In this hands-on walkthrough, you'll see how Segura provides complete visibility, policy-based automation, and audit-ready reporting for machine identities. Watch a live demo, hear expert commentary, and leave with a roadmap to protect non-human access and simplify compliance.

Attendees Will Learn:
– How to identify and inventory machine identities across hybrid and multi-cloud environments
– How to apply privileged access and secrets management to control non-human identities
– Real-world examples of how to automate discovery, policy enforcement, and auditing
– How to bridge the gap between DevOps, security, and compliance for continuous oversight
– Which metrics and tools are essential for aligning machine access with SOX, ISO 27001, PCI-DSS, and NIST compliance requirements

Simplifying Machine Identity Compliance - Live Walkthrough

It’s no surprise tech investments in Artificial Intelligence (AI) and cybersecurity are on the rise. The top priority for C-Suite (52%) is to speed up digital transformation, and now security leaders must tackle a new, exploding attack surface – machine identities & AI agents – while breaking silos and doing more with less.

Identity is at the center of this rapid change. Today, machine identities outpace humans by a ratio of 82:1. Join us live as CyberArk Chief Strategy Officer Clarence Hinton explores trends, market dynamics and other pressing issues shaping the 2025 identity security landscape.

Identity Security in 2025: Top Trends from 2,600 Security Decision-Makers

Disconnected applications pose a significant challenge to identity lifecycle management, often operating beyond the reach of traditional identity governance platforms. This results in risks like orphaned accounts and compliance gaps. In this webinar, Henrique Teixeira (SVP of Strategy at Saviynt) and Belsasar Lepe (CEO of Cerby) will explore why addressing this “last mile” is crucial. They will demonstrate how integrating Saviynt’s governance framework with Cerby’s automation platform enables end-to-end access governance—without the need for APIs or SCIM.

Attendees Will Learn:
-Why disconnected applications create critical identity governance challenges
-How automation addresses the “last mile” in identity lifecycle management
-The benefits of integrating Saviynt’s governance with Cerby’s automation platform
-A demonstration of a joint solution enabling access governance without APIs or SCIM
-Insights into the future direction of identity governance

Solving the Last Mile in Identity Lifecycle Management: Why Automation Is the Future

In today's complex regulatory environment, adhering to various cybersecurity and data privacy regulations is a challenging yet essential task for organizations. Join us for an insightful round table discussion where industry experts from Segura will delve into identity-centric strategies to simplify and streamline regulatory compliance. We'll explore frameworks such as NIST 2.0, ISO 27001, CIS Controls, and data privacy regulations like GDPR and CCPA. Learn how Privileged Access Management (PAM) plays a critical role in meeting these standards.

Attendees Will Learn:
–How to identify and inventory machine identities across cloud, on-prem, and DevOps pipelines
–The top compliance red flags related to machine accounts and credentials
–Techniques to automate policy enforcement and auditing of machine identities
–How to leverage PAM, secrets management, and CIEM together for stronger governance

Why Machine Identities Are Your Next Compliance Risk

There is an ever-widening gap between the threats to identities and access control and our ability to defend against those threats. Bad actors know it, and they exploit gaps in traditional, outdated security controls. Without a new identity security paradigm to meet new challenges, defense will fall behind and risk will increase. This new paradigm must protect a full spectrum of identities, break silos with unified discovery, policy creation and management across environments, grant privileges based upon context and risk, include ITDR and pre and post authentication projection. Learn how organizations build comprehensive security programs to meet today’s threats.

Attendees will learn new identities groups, the risks they pose and how to secure them; How to address new cybersecurity challenges.

Securing the Future: The New Identity Security Paradigm for Cyber Leaders

Zero Trust isn’t just a framework—it’s a necessity. But, in reality, implementing it is easier said than done. Some organizations are doing it well, while others struggle with hidden gaps and unexpected roadblocks. So, what’s actually working? What’s falling flat? And where is Zero Trust headed next?

Join Cerby's Rick Weinberg and John Kindervag, the creator of Zero Trust, for a discussion on the state of Zero Trust today. We’ll break down the real-world wins, the most common pitfalls (spoiler: disconnected apps are a big one), and how to future-proof your security strategy. Whether you're deep into Zero Trust or just getting started, this webinar will give you the insights you need to get the most out of your security investments.

Attendees Will Learn:
– The current state of zero trust
– Common roadblocks and how to overcome them
– Real-world examples and best practices
– How to future-proof your security strategy

Zero Trust in Practice: What’s Working, What’s Failing & What’s Next

Modern enterprises don’t just manage human identities anymore. From cloud workloads and service accounts to Agentic AI and automation scripts, non-human identities (NHIs) now outnumber human users in most organizations. Yet, security teams face a paradox: while they’re responsible for securing NHIs, these identities are often created and managed by DevOps and development teams. This disconnect can lead to unchecked credential sprawl, privilege mismanagement, and security blind spots.

In this interactive session with the Identity Defined Security Alliance (IDSA), we’ll break down what non-human identities are, why they matter, and the risks they introduce. More importantly, we’ll explore how security teams can move from reactive gatekeepers to proactive enablers—helping DevOps teams work more efficiently while reducing risk. Our experts will share practical strategies for securing NHIs without adding friction, covering workload authentication, API access, and secrets management.

Whether you're struggling with visibility into non-human identities or looking to implement scalable security controls, this discussion will equip you with actionable insights to align security and DevOps, strengthening your overall identity security strategy.

Securing Non-Human Identities: Balancing Security and Productivity

IAM Program owners must deal with the fact that identities are the most dispersed set of artifacts to manage and the most exploitable attack vector to secure. But fragmented identity systems lead to siloed identity sprawl, making it hard to reign in daily operations. Join Axonius to learn how aggregated asset data and intelligence across the entire identity fabric enables unified lifecycle actions, governance, posture, and hygiene operations in one place.

Take Action With Consolidated Identity Operations

Google recently announced a proposal to reduce the maximum validity period for public TLS certificates from 398 days to 90 days. This is a massive change that all organizations need to be aware of now to start preparing for how to renew all public TLS certificates four times a year.
What is the objective behind these proposed changes? What’s the impact on certificate management and how should organizations prepare?
Certificate lifecycle management automation is the only way to keep up with short-lived certificates to ensure your internet applications are available and secure. Start preparing now!

What Will Attendees Learn?
– Google’s proposal to reduce the TLS certificate validity
– The impact of short-lived certificates and how to prepare
– How to achieve certificate lifecycle automation and crypto-agility at scale with AppViewX CERT+

Crypto-Agility Automation: Preparing for Google’s 90-Day TLS Validity Proposal

Automation

Data Encryption

Encryption

Security Management

Information Security

IT Security

Network Security

Certificate Lifecycle

Website Security

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Crypto-Agility Automation: Preparing for Google’s 90-Day TLS Validity Proposal

Presented by

About this talk

Identity Defined Security Alliance