Analysis on solutions and products

Insight and analytics on M&A and funding

Architecture and design for industry leaders

Expert opinion on contemporary events

Latest Analysis & Insight

This week saw the London edition of Infosec Europe - essentially a smaller version of the RSA Conference a few week ago in San Francisco. There were about 15,000 attendees and 300+ solution providers from a range of cyber and information security areas. Of course my primary interest was to get briefings and understand the viewpoint from an identity and access management perspective and see how far the tentacles of identity were now spreading into other orthogonal areas of security. It didn't disappoint and I had some thought provoking conversations...
An introduction to authorization startup Aserto.
June 2022 sees the launch of The Cyber Hut’s brand new podcast […]
What is driving the demand for new authorization models, software vendors and emerging authorization design patterns? This discusses previous failures of RBAC and XACML as well as modern architecture patterns such as identity centricity and the business mesh.
To access this post, you must purchase Member Content.

I recently ran another of my highly scientific industry polls - via LinkedIn to get a feel for this years spending patterns as they pertain to some emerging identity and access management technology areas. I have been tracking four emerging areas over the past 8 months or so, including Passwordless Authentication (where The Cyber Hut released a 61 page buyer guide last year), Cloud Identity/Infrastructure Entitlements Management, Decoupled Authorization and Identity Threat Detection and Response.

All four areas have had significant venture capitalist funding over the past 36 months and the use cases and capabilities of each have started to stabilise to a point where buy side procurement and integration is becoming consistent and vendors are identifying their competitive go to market narratives.

So my poll was essentially asking, which of these areas would a buy-side practitioner look to invest in during 2022?

Join our founder Simon Moffatt on June 14th for a free 60 […]
Vendor introduction report covering oort.io - an emerging vendor in the Identity Threat Detection and Response sector.
An independent vendor assessment of Axiomatics, covering Company Key Facts, Funding, Case Studies, Technology Key Facts, Technology Review and Strengths Analysis.
To access this post, you must purchase Member Content.
An independent vendor assessment of Styra, covering Company Key Facts, Funding, Case Studies, Technology Key Facts, Technology Review and Strengths Analysis.
To access this post, you must purchase Member Content.
A review of authorization related features added to the Auth0 platform between 2019 and 2022.
To access this post, you must purchase Member Content.
An overview of the authorization related features added by Okta between 2019 and 2022
To access this post, you must purchase Member Content.
Access control has very much been centred around models. Who should have […]
An overview and introduction to ConductorOne, an identity governance automation platform.
A review of authorization related features added to ForgeRock's Identity Platform between 2019-2022.
To access this post, you must purchase Member Content.
A selection of curated links relating to user login and authentication security controls and threat counter measures.
Join Simon Moffatt Analyst from The Cyber Hut and Ian Sorbello Principal […]
A review of authorization related features added to Microsoft Azure Platform between 2019-2022.
To access this post, you must purchase Member Content.
A review of authorization related features added to Google Cloud Platform between 2019-2022.
To access this post, you must purchase Member Content.
A review of authorization related features added to Amazon Web Services between 2019-2022
To access this post, you must purchase Member Content.
Join Simon Moffatt, Founder & Analyst of The Cyber Hut and Gal Steinberg, VP of Product at Keyless on March 29th where they'll be discussing the growing need for friction-free authentication in the light of growing regulation and fintech innovation.
An analysis on VC funding in authorization, existing vendor feature additions and acquisition activity.
To access this post, you must purchase Member Content.
A primer on authorization technology, covering RBAC, ABAC, XACML, OAuth2, Open Policy Agent and Zanzibar.
To access this post, you must purchase Member Content.
Do we need a "Chief Identity Officer"? What might drive the need for this and can existing business operating models satisfy the need for identity centric metrics?

Data -> Analysis -> Intelligence -> Frameworks

The Cyber Hut are industry specialists when it comes to identity and access management. We have contributed to industry standards. Worked for the largest vendors. Designed some of the world’s biggest identity platforms.  

We also want to break down the traditional model for understanding the market and technology for identity and access management.  Why don’t you join us?

Open Source Intelligence

We provide the vast majority of our analysis and insights free as open source articles as well as our Signals Project – providing a view into a range of OSINT data points to help with vendor understanding.

Membership Subscription

We provide a range of member only content – covering vendor intelligence, technology test drives, capability analysis and emerging market reports.  This can be augmented with inquiry hours to assist both the buy side and sell side with knowledge maximisation.

Products & Services

We also provide a range of specialised products and services for both the buy side and sell side. This can range from research reprints for marketing collateral or longer term architecture advisory.  The Cyber Hut is always independent and impartial.

Signup For New Content Releases