You searched for authorization

CISO Briefing: Next Generation Authorization

on November 11, 2022

Homegrown access control is limiting business agility - the ability to share data with those who need it, engage in joint ventures and B2B partnerships, protect PII and open up APIs to employees and customers alike. As such the market for authorization has increased substantially in the last 36 months. Funding rounds for the likes of Styra, PlainID and SGNL to name but a few indicate increased venture expectation that access control has a long tale of growth.

Opinion

Authorization: Why Now & What Next

by Simon Moffatt |

on September 2, 2022

Security starts when authentication ends. It's a line I have used a few times over the years as it is one I actually quite believe in. In an era where firewalls are derided as being pretty toothless in the fight against omnipresent complex cyber attacks - and the concept of trusted networks quite rightly become obsolete in the world of "zero trust" - it always seemed odd to me, to put such a large emphasis on stringent authentication services. Clearly authentication is hugely important don't misunderstand, but my point really was that authentication (even with a strong MFA component) becomes less relevant if a) it is not continuous and b) not part of a more holistic approach focused on the access control of services, data and APIs.

Events

Externalization of Authorization Policy: Build -v- Buy

by Editor |

on September 1, 2022

Join our founder Simon Moffatt on September 15th where he will join PlainID on a discussion around external authorization platforms.

The modern digital native enterprise is facing a number of emerging and incumbent challenges - from increased competition and demand for a more agile service deployment model through to needing the ability to share more data to more people, all under a competing climate of increased security threats coupled with a lower risk appetite.

Member

Decoupled Authorization Platforms: Capability & Vendor Review

by Simon Moffatt |

on July 1, 2022

A long read post investigating the evolution of decoupled authorization platforms - including use case and capability analysis and brief vendor review including Axiomatics, PlainID, Styra and Scaled Access.

This post is only available to members.

Opinion

Authorization: Drivers for Demand

by Simon Moffatt |

on June 1, 2022

What is driving the demand for new authorization models, software vendors and emerging authorization design patterns? This discusses previous failures of RBAC and XACML as well as modern architecture patterns such as identity centricity and the business mesh.

Member

Authorization: Auth0 Feature Evolution

by Simon Moffatt |

on March 22, 2022

A review of authorization related features added to the Auth0 platform between 2019 and 2022.

This post is only available to members.

Member

Authorization: Okta Feature Evolution

by Simon Moffatt |

on March 21, 2022

An overview of the authorization related features added by Okta between 2019 and 2022

This post is only available to members.

Opinion

Why Authorization is More Than Just Enforcement

by Simon Moffatt |

on March 18, 2022

Access control has very much been centred around models. Who should have access to what, when (and maybe more importantly why) has fascinated computer security researchers since the 1970’s. There have been several models for describing access over the years – many unfortunately lost to the academic past – being taught but never used. However, […]