Gluu Videos and Partner Webinars
Featured Video
Mike Schwartz of Gluu.org joins Doc Searls and Jonathan Bennett on FLOSS Weekly. In a world where cloud native and containers are widely used, digital identity poses a critical challenge. No one person knows more about making digital ID work than Schwartz. Gluu is an open source option which offers secure authentication for both internal and external applications in the enterprise.
Gluu Webinars and Demos
FIDO2 & PKI: A Combined Security Solution with Versasec and Gluu Casa
The benefits of PKI with requirements to manage cloud-based applications have extended the use of digital certificates, but at times have made managing PKI environments complex. Due to these complexities, enterprises are often forced to make certain adjustments or tradeoffs between business functionality and security, which can create infrastructure gaps exposed to cyber-attacks.
Learn how combining PKI with #FIDO2, is a great way to bridge these gaps where enterprises can take advantage of their existing infrastructure and extend their existing security modern #authentication methods that safeguard access to #cloud-based apps.
OAuth vs. SAML vs. OpenID Connect - Michael Schwartz
OAuth, SAML and OpenID Connect are the most important identity federation protocols in use today. Yet the many security architects struggle to express the differences between them. Front-channel, back-channel, assertion, JWT, claims, attributes, IDP, SP, OP, RP–there is a lot of jargon, and some of it seems to overlap. This compare / contrast session will help you understand the differences.
Each protocol will be given a summary introduction, with references to the parts of the standard that are most commonly used, and which parts are esoteric. The security level of an application is impacted based on the protocol and features used. SAML, OpenID Connect and OAuth offer several profiles, enabling the implementation of both high and low assurance trust frameworks. This topic will also be addressed to help clarify which solutions are best suited for which requirements.
Managing API Security at Scale With Gluu and Tyk
API security, which typically entails the management of access to APIs internally as well as the exposure of APIs in a secure manner externally, is one of the biggest concerns for businesses today. Additionally, they need to consider other aspects of the API management lifecycle such as quotas, versioning, monitoring, analytics and cataloging to become a truly successful API-first business.
So, how do we tackle these challenges? How do we ensure that we have the right foundations for our product to scale and bring value to thousands, if not millions, of users?
Watch the panel discussion featuring Gluu and Tyk, a leading cloud-native, full-lifecycle API management platform, as we look at some of the trends, challenges, and case studies around building, managing and securing APIs at scale.
Identity and Open Banking with OpenIT, hosted by the Kernel
Open banking federations enable banks, third parties, and technical providers to securely exchange data about financial transactions and customers. To accomplish this, we need both “tools and rules”.
The tools include the software and technical standards. The rules include legal agreements and business processes. What results from a successful open banking federation is called TRUST.
This high-level overview will review the common requirements that enable an open banking ecosystem to achieve high security and operational efficiency and enable trusted participants to transact at scale.
Integrating Stytch's SMS OTP authentication with Casa
Multi-factor authentication from Stytch protects your applications by using a second source of validation, like a phone OTP to verify user identity before granting access.
This document will explain how to use Casa’s Stytch interception script along with a Plugin in Casa to enroll a user’s phone number and use the received SMS OTP as a method for 2FA.
For more info visit our Github docs
Gluu’s support for FIDO is multi-tiered
The Gluu Server includes a standalone FIDO server which validates and registers credentials. There is a Casa FIDO plugin to enable users to manage their devices (i.e. register, remove). And Gluu provides a FIDO SCIM extension, which enables applications to list and remove FIDO devices for an end-user (enabling self-service).
Watch this quick demo to see how easy it is to authenticate using TouchID with the Gluu Server.
Gluu supports Apple platform FIDO 2 / WebAuthn authenticators like TouchID
Gluu’s support for FIDO is multi-tiered. The Gluu Server includes a standalone FIDO server which validates and registers credentials. There is a Casa FIDO plugin to enable users to manage their devices (i.e. register, remove). And Gluu provides a FIDO SCIM extension, which enables applications to list and remove FIDO devices for an end-user (enabling self-service).
Watch this quick demo to see how easy it is to authenticate using TouchID with the Gluu Server.
Go Passwordless with AuthenTrend ATKey
ATKey.Pro is a compact FIDO2 key that works seamlessly with the Gluu server, simplifying the authentication process with just a touch.
With this integration, we bring FIDO-certified strong authentication to the widely used Gluu Casa platform for maximum security. It will make it easier for enterprises or organizations to seamlessly roll out strong biometric authentication to reduce costs and risks of a data breach substantially.
Flexible Multifactor Authentication with PrivacyIdEA
PrivacyIDEA is a modular authentication server that can be used to enhance the security of your existing applications like local login, VPN, remote access, SSH connections, access to web sites or web portals with two factor authentication.
Originally used for OTP (One Time Password) authentication devices – being an OTP server. But now, other “devices” like challenge response, U2F, Yubikeys, SSH keys and x509 certificates are also available. It runs on Linux and completely Open Source.
Machine Learning, Biometrics with Gluu and Plurilock
Plurilock leverages state-of-the-art behavioral-biometric, environmental, and contextual technologies to provide invisible, adaptive, and risk-based authentication solutions with the lowest possible cost and complexity
In this 30 minute webinar learn how Plurilock bring behavioral-biometric authentication driven by machine learning to your Gluu deployment
Strengthen identity verification with reliable, device independent anti-spoofing
Which MFA is right for your financial institution?
Exclamation Labs Provision discusses the 5 key challenges facing banks and credit unions when selecting a multi-factor authentication solution.
In this webinar:
How to evaluate the best MFA using the 5 criteria of: usability, security, deployability, scalability and affordability
How implementing your MFA solution through an IAM platform reduces security risks
Why separate MFA solutions put your institution at risk
Enable logins without usernames and passwords
WWPass MFA is easy to use–scan the QR code on the computer screen with the WWPass Key mobile application. Enter a PIN or use biometrics… and you’re in.
In this webinar, Gluu and WWPass will provide an overview of the technology, and how to make it work with your Gluu Server.
How to IAM videos
How to build a world-class identity service
The video provides an overview of the Gluu platform, what’s open source, and how to get started. It’s just slides, no demo! But if you just want a quick intro, it’s not a bad place to start.
How to authenticate a billion unique logins a day
This video demonstrates 1 billion logins per day, which includes both simple logins, and more complex logins doing a true OpenID connect web authentication.
Role-Based Access Management
In this webinar, Gluu CEO Mike Schwartz shares a demo he’s been working on that demonstrates how you can configure Gluu Gateway to only allow access to an API to a person with the right role. This trick works for either web or browser based applications, and he shows examples of both.
Using OAuth to implement RBAC on GitHub