“Recent advancements in decentralized identity include passwordless authentication, time-bound credentials, and dynamic identity chaining. These innovations reduce risk, improve privacy, and enhance user control. Separation of authentication from authorization enables more precise access management. One-way functions protect biometric data in cloud environments. Emerging standards like SPIFFE and CSA’s agentic identity frameworks offer scalable, interoperable solutions. Together, these developments support secure, flexible identity ecosystems without relying on centralized authorities.”
“Media companies now favor hybrid cloud workflows for flexibility, speed, and cost-efficiency. Open standards ensure interoperability, while strong security protects valuable IP. Experts stress aligning cloud use with business goals, maintaining control and visibility, and using cloud strategically—not universally—to optimize collaboration, performance, and infrastructure investment.”
Publicly Published with video edition: August 18, 2025
Analyst(s): Dr. Doreen Galli
Photojournalist(s): D. Doreen Galli
Abstract:
Identiverse 2025 welcomed 3,300+ attendees to Mandalay Bay – nearly a 20% gain over 2024. Featuring 250+ sessions and 150 exhibits all on one floor, the event was smooth and accessible. Keynotes and sessions emphasized teamwork, resilience, and collaboration, while exploring AI in identity, decentralized credentials, and zero-trust implementation. Exhibitors showcased innovations from selfie-based authentication to intelligent access control and secrets vault cleanup. The shift from Aria to Mandalay Bay marked a new chapter for the expanding event, which returns to Mandalay Bay in 2026.
The Conference
Identiverse 2025 was held at Mandalay Bay Convention Center, a move from Aria in 2024. It hosted 3300 attendees, 250 sessions and 150 exhibitors.
Cautions
Friendly reminder: this research provides examples of what was shared with us at the event, not an evaluation, validation, or recommendation of the given technology.
TAGS
Identiverse 2025, digital identity, identity security, zero trust, AI in cybersecurity, decentralized identity, verifiable credentials, identity governance, privileged access management, IAM, IGA, cybersecurity conference, Mandalay Bay, authentication, biometrics, secrets management, SSO, MFA, ITDR, access control, enterprise security, digital trust, identity trends, identity innovation, conference highlights, tech expo, identity tech, identity solutions, cybersecurity trends, identity keynote, identity management
After over 53 videos, almost 200 minutes of content only 2 escalator rides, 30,000 steps and over 25 fact checks, our coverage of 2025 Identiverse ends. The event spanned 4 days, had over 250 speakers, 150 exhibits and with over 3300 attendees – 700 more registered over last year. Registration went very smooth with rarely any waiting time. Interestingly, we were informed many registered late. Executives realize that reducing risks and therefore related losses is a viable path to protecting profits in uncertain times. This year’s event took place at Mandalay Bay Convention Center, a change from Aria last year. Most enjoyed the conference taking place all on the same floor. It was great to see the conference grow and expand. Like all changes, there were the old timers yearning for the days when they all packed into too small rooms at Aria. Unfortunately, some of the sessions located physically further from Expo Hall reported some in person attendance challenges from those too tired to walk to the room. The event featured a full collection of meals. We were able to capture the Tuesday Seminar’s Lunch and the lunch on Wednesday in Expo Hall.
While at Identiverse, we conducted research for three additional forthcoming Whisper Reports for our clients. The playlists are unlisted but available and will eventually fill in with the video version of the report so you may wish to bookmark these playlists.
Readers and viewers wishing to experience the entire event are encouraged to view the Conference Whispers: Identiverse Playlist in its entirety. Once the video edition is available, the playlist will be sited as a pinned comment on the video edition. It is also easy to locate any previous Conference Whispers playlists through TBW Advisors Website under Subscribers research/Conference Whispers.
Identiverse is absolutely one of those events where regardless of the amazing session you choose, you are aware you are also missing an incredible session – or two. Fear of missing out was rampant. Fortunately, we were able to capture 53 videos for our clients and subscribers. The first Keynote featured John Pritchard, CEO of Radiant Logic. Titled, “Identity isn’t a solo Game” it drove home the message that one cannot succeed in identity without collaboration with the professionals around you throughout the organization and with others in the industry.
Another frequently referred to keynote featured the UK’s Hanna Rutter who is realizing their government digital identity solution. In her talk she spoke about the challenges of such a decentralized digital identity solution and how she is overcoming roadblocks on her path to success. A much in demand topic regarding identity challenges in the realm of AI was presented by Richard Bird. A tech talk held in the expo hall was hosted by Microsoft. Their tech talk covered the hot topic of ITDR, Identity threat detection and response.
Identity is a topic found not only in the expo halls of Identiverse, but was also seen in the halls of HIMSS, Fintech Meetup, Money 20/20 and ISC West just to name a few. What is interesting is the different manners of vendors describe their technology. At ISC West, vendors in the expo hall spoke in terms of a solution. They would always emphasize the PII information is not on the badge, rather a hash of the biometric data which enables verification is provided instead. While this was not clarified on the videos at Identiverse, the vendors later disclosed the same technical approach that was taken on the technology captured at Identiverse. If you are seeking a tap-in to sign-in on a shared device for your organization, Imprivata was in the expo hall with their solution. If you would like to verify the customer requesting the high-risk transaction is the same customer who signed up for the account, Panani shared their technology. Keyless offers a solution to authenticate high risk actions with a selfie. If you are an engineer developing a solution and need the capability to onboard customers, no need to start at square one! PropelAuth provides an out of the box identity capability you can add on to your solution to onboard customers! Seeking to manage your remote teams and seeking a cost effective out of the box solution to provide SSO and MFA? Cubeless shared their free and easy SSO and MFA solution made for you.
Is managing privileges gotten to be too much for you and your organization? Apono Unified Access Management is an intelligent solution that aims to provide just enough just in time privilege for human and non-human-identities (NHI). Oasis goes one step further in managing AI Agents’ Identity, provisioning, deprovisioning and cleaning up stale accounts. Are your coders overwhelmed trying to identity what secrets vault to use so they land up hardcoding the secret? Is your organization suffering from identity vault sprawl? GitGuardian was on hand with their solution that can assist you in identifying and remediating secrets vault sprawl.
Expo hall also featured quite a few IGA (identity governance and administration) and PAM (privileged access management) platforms. Omada captured their 25-years’ IGA experience into a free best practice framework. This framework includes use cases and related configuration recommendations for their platform, Omada Identity Cloud. Lumos shared their agentic AI autonomous IGA solution. This solution can even recommend what privileges a new employee should get based on their role and department. If you have a small but complex environment, Clarity Security has an IGA solution targeted at your organization.
Keeper Security shared their zero-knowledge identity solution for endpoints. Their solution is referred to as zero knowledge as the customer’s data is encrypted on the endpoint with the customers key; meaning, Keeper Security has no access to customer data whatsoever. Bridgesoft shared their complete identity platform that also can adapt and include any components that may already exist in your environment. Specializing at the start of the process, CyberSolve helps organizations commence new identity programs. Looking for IAM services across the portfolio? Simeio was on site there to offer guidance. Clients are reminded to schedule an inquiry to review the current state of your identity program. If you are seeking to expand it or modernize it, we will produce an inquiry plan to guide you along the journey even if you are working with an outsource provider or consultant.
Identiverse will once again be held at Mandalay Bay Convention Center June 15-18, 2026.
*When vendors’ names are shared as examples in this document, it is to provide a concrete example of what was on display at the conference, not an evaluation or recommendation. Evaluation and recommendation of these vendors are beyond the scope of this specific research document. Other examples products in the same category may have also been on display.
Join us for “Public is Private – Confidential Computing in the Cloud,” featuring Mike Bursell from the Confidential Computing Consortium and Manu Fontaine, founder of Hushmesh. This event will delve into the transformative potential of confidential computing for cloud environments. Aimed at CIOs, CTOs, enterprise architects, solution architects, and technical product managers, the discussion will cover how confidential computing enhances data security and privacy, even during processing. Learn about real-world applications, challenges, and future trends in this critical technology. Don’t miss this opportunity to gain insights from industry leaders and explore how to leverage confidential computing for your organization’s success.
Research Code TBW2071
Moderator: Dr. Doreen Galli, TBW Advisors
Doreen Galli
Chief of ResearchTBW Advisors LLC
Dr. Doreen Galli is the Chief of Research at TBW Advisors LLC. She’s led significant and measurable changes as an executive at IBM, DPWN, Dell, ATT, and most recently Microsoft. Dr Galli was Chief Technology and Chief Privacy Officer in Azure’s MCIGET. Gartner recognized Dr. Galli as an expert in data ingestion, quality, governance, integration, management, and all forms and analytics including sensor data.
Mike Bursell is the Executive Director of the Confidential Computing Consortium, having been involved since its foundation in 2019, and Co- chair of the OpenSSF’s Global Cyber Policy working group. He is one of the co-founders of the open source Enarx project and was CEO and co- founder of the start-up Profian. He has previously served on the Governing Boards of the CCC and the Bytecode Alliance and currently holds advisory board roles with various start-ups. Previous companies include Red Hat, Intel and Citrix, with roles in security, virtualisation and networking. He regularly speaks at industry events in Europe, North America and APAC and has a YouTube channel dedicated to cybersecurity education. Professional interests include: Confidential Computing, Cyber Policy, the EU Cybersecurity Resilience Act (CRA), Linux, trust, open source software and community, security, decentralised and distributed systems, Web3, blockchain. Mike has an MA from the University of Cambridge and an MBA from the Open University, and is author of “Trust in Computer Systems and the Cloud”, published by Wiley. He holds over 100 patents and previously served on the Red Hat patent review committee.
Speaker Profile
Manu Fontaine
CEOHushmesh Inc
Manu Fontaine is the Founder and CEO of Hushmesh, a dual-use Public Benefit cybersecurity startup in the Washington DC area. The company believes that people need safe code and authentic data, just like they need clean water and stable electricity. To deliver this, Hushmesh leverages Confidential Computing to develop and operate “the Mesh”: a global information space, like the Web, but with universal zero trust and global information security built in. Secured by the Universal Name System (UNS) and the Universal Certificate Authority (UCA), the Mesh provides global assurance of provenance, integrity, authenticity, reputation, confidentiality, and privacy for all information within it, at internet scale. Hushmesh is a NATO DIANA Innovator startup.
Dr. Roy Fune
Cannot make it live? Register and submit your question. The answer will be in the video on TBW Advisors’ YouTube Channel.
NO AI note takers allowed. Event copyrighted by TBW Advisors LLC.
After over 1500 minutes of recording and 14 escalator rides, and some 35 factchecks, our coverage of 2024 Identiverse comes to a close. Identiverse was at Aria Hostel in Las Vegas from May 28-31. It is the premier event for identity professionals. It spans 4 days, 250 speakers on over 100 topics, 150 exhibitors and 3000 onsite attendees. Attendees witnessed endless examples of identity and privacy solutions including many jokes about SAML (it is NOT dead), examples of passwordless as well as talks about the value of identity.
After over 1500 minutes of recording and 14 escalator rides, and some 35 factchecks, our coverage of 2024 Identiverse comes to a close. Registration for the four-day event kicked off after the long holiday weekend. The event featured 250 speakers on over 100 topics, 150 exhibitors and 3000 onsite attendees. There was so much packed in it was impossible to catch all of the exhibits. They had sessions in the Joshua rooms as well as Marisopa rooms. Opening day was then capped by a mighty keynote featuring John Whelan, President of the Cyber Risk Alliance and Andre Durand, CEO of Ping Identity and Founder of the Identiverse Conference. The event provided food for the attendees. We were able to capture breakfast Wednesday. The attendees did explicitly find me to let me know they were disappointed with the breakfast due to the lack of protein. I do understand the Microsoft Breakfast did feature sufficient protein. Many attendees complimented the lunch which was served Wednesday as well as on Thursday. The exhibits* were open on Wednesday after the opening keynote. They were spread between two large rooms across from each other.
As one might expect, Identiverse is all about identity. Much to my delight, an entire panel was presented on confidential computing. Confidential computing strength lies in multiparty computations among untrusted parties – something that occurs in the identity space quite often. The session immediately following was on digital identity where they pondered how one could achieve such an exchange – unfortunately those panelists did not attend the Confidential session. On the digital ID panel, it was exciting to see that California is live with a digital driver’s license. Many are still trying to get their real id into their wallet! Australian Bank was on stage for a keynote making the case for the Bank ID. Admittedly this talk created a bit of déjà vu to the days in the bid to become primary certificate authorities. There is no shortage of information to make the business case to adopt passwordless for your organization.
Thursday morning’s keynote concluded with the Power of Passwordless sign-on. This session includes a number of guest speakers from the FIDO Alliance, Clarkson University, Bank of America and Amazon. The net result is that companies love it, their customers are more engaged, and the security posture is improved. Numerous examples of passwordless solutions were shown in the exhibits. AllAUthenticate shared their passwordless solution. Bringing blue collar workers who need to punch in and out into this century, Bio-Key displayed their product leveraging MFA Mellon RFID. If you would prefer your identity solution to eliminate any and all standing privileges, SGNL can get you there and help you stay in that security posture. Zluri is available to handle access control for all SaaS solutions. Aserto is an identity service that considers policy and relationship-based access control. If your service accounts are your pain point or you don’t even know how many you have of what – a start-up just out of stealth mode called Anetac may be someone you want to evaluate. If your organization’s problem is more about non-human identity issue, Natoma can assist in provisioning, deprovisioning and maintenance of non-human IDs. The word of the conference was service and non-human IDs is an area exploding with a reported over a dozen just announced at RSA.
Google hosted an entire detailed workshop on Google Sign-On, Passkey and the use of FedFCM to deal with 3rd party cookies. It was exciting to see they are working to push privacy forward with browser.
An attention-grabbing keynote Thursday morning alerted to the Darkside of identity. Reminding all that identity is the most common entrance point for the uninvited. Another keynote reminded all attempting to forge a path in identity, that the most important thing is to just get going! Furthermore, pay attention to the point of no return. Identity and security are all about depth of defense, spend the effort when there is a big payout. Do not insist on 100% for each program as the last percentages take resources without improving security posture. It is far better to find a new program that will affect the remaining identities with the remaining resources.
One often too difficult aspect of identity is customer onboarding. To that end, Strivacity specializes in the end user aspect of identity. If you challenge is too many identity services and you are having difficulty getting a complete picture, TenableOne provides a unified dashboard to see the entire threat attack surface. If your difficulty is all about connecting identity platforms to other sources and targets, Aquera Platform provides identity connector along with automation and governance in their solution. Saviynt provided a demonstration of their identity cloud with a visual display. RSA Shared their Unified Identity platform that is available on prem or in cloud for SAS saps as well as supporting SAML. Radiant Logic also provides an identity middleware heavily focusing on the data and metadata of identity. This point was also shared during John Pritchard of Radiant Logic’s keynote.
There were options if one is seeking assistance with their identity solutions. AOH offers identity consulting spanning assessment, architecture, execution and maintenance. ProofID offers global managed identity services and are key partners with many of the top identity technology providers such as PING Identity.
Cisco provided an in-depth workshop on defining and building an identity graph. It was very insightful, and the audience was glued to the screen. What caught our eye was the end when they said, “look at that picture – you know what that means. You know what that means you are supposed to do” Even in 2019 when I was at Gartner, augmented intelligence was present so hearing, “look at the picture” was surprising. More commonly is generative AI incorporated so it suggested actions based upon what is seen. Fortunately, Microsoft was there to bring it all back to 2024. There was an Microsoft Entra deep-dive by Nichole Peterson as well as a Microsoft Entra with Co-pilot demo that allowed attendees to zoom back to 2024.
Next year’s Identiverse is held June 3-6, 205. Furthermore, next year’s conference will be at Mandalay Bay.
*When vendors’ names are shared as examples in this document, it is to provide a concrete example of what was on display at the conference, not an evaluation or recommendation. Evaluation and recommendation of these vendors are beyond the scope of this specific research document. Other examples products in the same category may have also been on display.
