Rethinking Identity Access Management: The Rise of the Developer
Eric Newcomer, September 2021
Hello!
Eric Newcomer
CTO
eric@wso2.com
https://www.linkedin.com/in/enewcomer/
https://twitter.com/enewc
● Previously:
⦿ Global Head of Security Architecture and Strategy, Citi Consumer Bank
⦿ Chief Architect, Citi Treasury and Trade Services
⦿ CTO, IONA Technologies
⦿ Distinguished Engineer & Transaction Processing Architect at Digital Equipment
Key business use cases for Identity and Access Management (IAM)
Enable access management for employee identities (B2E).
Onboard partners and 3rd parties, and securely give them access to company resources by introducing minimal changes to the current system (B2B).
Improve the digital user experience of customers by streamlining operations with respect to identity and access management (B2C).
Enable a 360-degree view of customer identity data to assist company leadership to make informed decisions.
Secure API access for both internally facing and externally facing APIs, including cloud and IoT.
Key challenges related to IAM adoption
● Developers are under pressure to produce
⦿ Security considerations can conflict with time to market
⦿ Security reviews and approvals take time and consume effort
● IAM is not something you can add in at the last minute
⦿ Need to have a design, plan, policy & standards selection
⦿ It’s like UX - the login experience has to be identified before its construction
● And it can actually be worse with automation
⦿ Security automation can be hard to fix
⦿ Scanning tool selection & deployment requires specific ops skills
Meeting the challenges means getting the code right
● Provide security as code, keep developer focus in their IDEs
⦿ This helps developers bake security into their code & automation
⦿ Organizations can customize SDKs and libraries for standard processes & policies
● Policies expressed as code streamline the security review & approval process
⦿ Security reviewers can check the code version & fingerprint
⦿ Preferably through automated scan results
● Developer skills are in high demand
⦿ Offer low code abstractions to improve productivity
⦿ Embed IAM knowledge in the code
⦿ Config and customize with GUIs
● Link apps to cloud services to ensure IAM keeps pace with innovation
Considerations for cloud native infrastructure*
● Clouds were designed to maximize sharing (e.g. for online shopping) and for Web and mobile apps
⦿ Strong IAM is key to customer satisfaction and avoiding “over privilege” incidents
● Clouds have different “perimeter security” principles defined by:
⦿ Resource permissions and policies – by design allow internet access
⦿ IAM systems – by design allow internet access
⦿ Network constraints - can be bypassed by shared resources
● Misconfigured policies/permissions may allow direct external access to company resources (regardless of network and IAM)
● Security teams cannot prevent these misconfigurations (since they can be done at the app level)
*See “Banking on the Cloud” Newcomer, Ivaturi, Schulman, HPTS 2019
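The slide's point that a resource policy can open a company resource to the internet without any network change is exactly what a commit-time lint can catch. The following is an added example, not code from the talk or from WSO2: it walks an AWS-style resource policy document (Effect / Principal / Action / Resource / Condition) and flags Allow statements that admit an anonymous principal with no condition tying the request back to the organisation's own network. The bucket name, VPC endpoint id and account id are placeholders, and the two policy documents are constructed for the demo.

```python
"""Resource-policy lint for the 'by design allows internet access' case.

Added example; not code from the talk or from WSO2. The two policy documents
are constructed; their shape follows the AWS resource-policy JSON format
(Effect / Principal / Action / Resource / Condition). The bucket name, VPC
endpoint id and account id are placeholders.
"""
from typing import List


def _as_list(value) -> list:
    """Policy fields may be a single string or a list; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def is_anonymous_principal(principal) -> bool:
    """Principal "*" or {"AWS": "*"} grants to anyone on the internet."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS"))
    return False


# Condition keys that tie a wildcard principal back to the organisation's own
# network or org; a statement carrying one of these is not open to the internet.
SCOPING_KEYS = {"aws:sourcevpce", "aws:sourcevpc", "aws:sourceip", "aws:principalorgid"}


def statement_is_scoped(statement: dict) -> bool:
    """True when any condition block references one of the scoping keys."""
    for keys in statement.get("Condition", {}).values():
        if any(k.lower() in SCOPING_KEYS for k in keys):
            return True
    return False


def find_public_statements(policy: dict) -> List[dict]:
    """Allow statements that admit an anonymous principal with no scoping condition."""
    public = []
    for st in _as_list(policy.get("Statement")):
        if st.get("Effect") != "Allow":
            continue  # a Deny with Principal "*" is a restriction, not an exposure
        if not is_anonymous_principal(st.get("Principal")):
            continue
        if statement_is_scoped(st):
            continue
        public.append({"sid": st.get("Sid", "<no Sid>"),
                       "actions": _as_list(st.get("Action")),
                       "resources": _as_list(st.get("Resource"))})
    return public


def policy_passes(policy: dict) -> bool:
    """Gate result: True when no statement exposes the resource to the internet."""
    return not find_public_statements(policy)


# Constructed: the weak setting an app team can deploy without touching the network.
WEAK_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::EXAMPLE-BUCKET/*"},
        {"Sid": "DenyInsecureTransport", "Effect": "Deny", "Principal": "*",
         "Action": "s3:*", "Resource": "arn:aws:s3:::EXAMPLE-BUCKET/*",
         "Condition": {"Bool": {"aws:SecureTransport": "false"}}},
    ],
}

# Constructed: the same grant, bound to the organisation's own VPC endpoint.
FIXED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "ReadViaEndpoint", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject", "Resource": "arn:aws:s3:::EXAMPLE-BUCKET/*",
         "Condition": {"StringEquals": {"aws:SourceVpce": "vpce-PLACEHOLDER"}}},
    ],
}

if __name__ == "__main__":
    for name, pol in (("weak", WEAK_POLICY), ("fixed", FIXED_POLICY)):
        hits = find_public_statements(pol)
        print(name, "PUBLIC" if hits else "ok", [h["sid"] for h in hits])
```

This is a lint, not an authorization simulator: it does not evaluate NotPrincipal, NotAction or cross-account trust, and a provider's access analyzer remains the authority on effective access. Its value is where it runs, on the application team's policy file at commit time, which is the point in the slide where the security team otherwise has no opportunity to intervene.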
How “Security as code” or “shift left” help
● Implement strong authentication policies (e.g. FIDO MFA) in code
⦿ Use config GUIs to configure desired authenticators and generate SDK
⦿ Pipeline builds include the IAM policies and auto test
⦿ Self registration to reduce admin overhead
● Auto detect and replace open source vulnerabilities
⦿ E.g. http-proxy versions prior to 1.18.1, to prevent a possible DoS attack
⦿ Pipeline scans open source libraries for known issues and applies updates
● Detect and remediate crypto vulnerabilities in code
⦿ E.g. an issue in the AWS Crypto SDK for Go prior to V2 allows changing AES-GCM to AES-CTR and revealing authentication keys
● Configure CI/CD pipelines to include Docker scanning, etc.
⦿ Containers are immutable and cannot be patched
⦿ Put in the time to ensure the containers are secure
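The "pipeline scans open source libraries for known issues" step above is the kind of check a dependency audit stage performs. What follows is an added example, not code from the talk or from WSO2: it reads the resolved package versions out of an npm lockfile (v2/v3 layout, including nested transitive copies), compares each against an advisory table with a proper semantic-version comparison, and fails the build when an affected version is present. The advisory table and the lockfile are constructed; the http-proxy entry uses only the boundary the slide quotes (versions prior to 1.18.1 affected).

```python
"""Dependency advisory gate of the kind a CI pipeline stage runs.

Added example; not code from the talk or from WSO2. The advisory table and
the lockfile are constructed for the demo. The http-proxy entry uses only
the boundary quoted on the slide (versions prior to 1.18.1 are affected).
"""
import re
from typing import Dict, Iterable, List, Tuple

# Constructed advisory table: package -> list of (affected_below, note).
ADVISORIES: Dict[str, List[Tuple[str, str]]] = {
    "http-proxy": [("1.18.1", "possible DoS; fixed in 1.18.1 (per the slide)")],
    "example-lib": [("2.0.4", "constructed advisory for the demo")],
}

_SEMVER = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?")


def parse_version(text: str) -> tuple:
    """Turn '1.18.1' or 'v1.18.1-beta.2' into a tuple that compares correctly.

    Plain string comparison would rank '1.2.10' below '1.2.9'; a pre-release
    must sort before its final release, so it gets a 0 in the fourth slot.
    """
    m = _SEMVER.match(text.strip())
    if not m:
        raise ValueError(f"not a semantic version: {text!r}")
    major, minor, patch = (int(m.group(i)) for i in (1, 2, 3))
    prerelease = m.group(4)
    return (major, minor, patch, 0 if prerelease else 1, prerelease or "")


def lockfile_dependencies(lock: dict) -> Iterable[Tuple[str, str]]:
    """Yield (name, version) for every package resolved in an npm lockfile v2/v3.

    Keys look like 'node_modules/a' or 'node_modules/a/node_modules/b'; the
    package name is whatever follows the last 'node_modules/'. Nested copies
    are checked too, since a vulnerable transitive copy is still shipped.
    """
    for path, info in lock.get("packages", {}).items():
        if not path:  # "" is the root project itself
            continue
        yield path.rsplit("node_modules/", 1)[-1], info["version"]


def scan(deps: Iterable[Tuple[str, str]]) -> List[dict]:
    """Return one finding per resolved package that sits below an advisory boundary."""
    findings = []
    for name, version in deps:
        for affected_below, note in ADVISORIES.get(name, []):
            if parse_version(version) < parse_version(affected_below):
                findings.append({"package": name, "installed": version,
                                 "update_to": affected_below, "note": note})
    return findings


def pipeline_gate(lock: dict) -> bool:
    """True when the build may proceed, i.e. no affected version was resolved."""
    return not scan(lockfile_dependencies(lock))


# Constructed lockfile: one affected http-proxy at top level, a fixed nested copy.
SAMPLE_LOCK = {
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "0.1.0"},
        "node_modules/http-proxy": {"version": "1.17.0"},
        "node_modules/example-lib": {"version": "2.1.0"},
        "node_modules/example-lib/node_modules/http-proxy": {"version": "1.18.1"},
    },
}

if __name__ == "__main__":
    for f in scan(lockfile_dependencies(SAMPLE_LOCK)):
        print(f"{f['package']} {f['installed']}: {f['note']} -> update to {f['update_to']}")
    print("gate:", "pass" if pipeline_gate(SAMPLE_LOCK) else "FAIL")
```

In a real pipeline the advisory table would come from a vulnerability feed rather than an inline dict, and the fix step would open the dependency update automatically; the part worth keeping is the version comparison, which is where naive string checks let an affected version through.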
Developer-focused Identity and Access Management (IAM)
Every service, API, device and person has a managed identity
● Digital identity is a critical part of digital business
● “Everything is code” - cars, phones, appliances, homes...
The digital identity developer is becoming more prominent than the administrator
● Customer IAM needs to integrate with multiple systems (CRM, CDM, CMS, Marketing Automation, etc.)
● Application developers lack IAM specialization
Organizations need an agile, event-driven customer IAM platform that can flex to meet both new business opportunities and new challenges.
● Across multiple environments, multi-cloud, on prem, hybrid
CIAM developer requirements
● Accelerating digital transformation initiatives requires an identity-centric approach
⦿ Leverage cloud based technologies for rapid deployment of critical apps
⦿ Rapidly pivot to new business paradigms as market conditions change
● Global privacy requirements can affect brand or create fines
⦿ Customers/users want a degree of control over how their data is collected/stored and managed
● Scarcity of IAM specialized developers
⦿ Connecting disparate IAM systems to get a unified view of a customer/user can be challenging, time consuming and costly
⦿ Business requirements change frequently and it becomes costly and time consuming to continuously implement changes
How CIAM as code helps
Take the complexity out of managing user access and enable building secure and frictionless customer experiences in minutes
● Provide libraries and SDKs for developers to include in their application projects early on
● Include code in CI/CD pipeline auto builds and testing stages
● Ensure security team reviews are more likely to be ‘check the box’ activities than finding issues
● Reduce time to market by providing needed code - developers don’t have to search for it
Maturity Model for CIAM
How WSO2 is helping drive IAM/CIAM as code
● Identity Gateway
● Developer Portal
● Management Portal
● Marketplace
● Self Service Portal
● Analytics
● SDKs
● Agents
● Tools
wso2.com
Thanks!

[2021 Somos Summit] - Rethinking Identity Access Management and The Rise of the Developer
