A review of authorization related features added to Google Cloud Platform between 2019-2022.

This post is only available to members.

A review of authorization related features added to Amazon Web Services between 2019-2022

This post is only available to members.
An analysis on VC funding in authorization, existing vendor feature additions and acquisition activity.

A primer on authorization technology, covering RBAC, ABAC, XACML, OAuth2, Open Policy Agent and Zanzibar.

This post is only available to members.
A few items to appear in The Cyber Hut intelligence inboxes this week. Styra Launches Cloud Native Entitlements Solution Styra, the authorization startup behind Open Policy Agent, recently announced another solution to their kit bag. Their Cloud Native Entitlements approach seems to be aimed at bringing a distributed and replicated approach to entitlements management – […]
Authorization – the old chestnut often associated with role based access control – is seemingly making a cool-kid comeback. Well, RBAC is like SAML and passwords – seemingly dead, yet still going strong at the same time. Very smart. I was lucky (?) enough to have been in the RBAC space the first time ’round […]
A few weeks ago I ran a slightly provocative and not very scientific poll on LinkedIn asking which was the more important: authentication or authorization? Clearly in the grand scheme of things that is a pretty pointless exercise, but the rationale was to really identify some thought processes and reactions. It provided some interesting responses. […]
The Cyber Hut recently ran a 7 day community poll on LinkedIn asking which of four big-ticket items will organisations be looking at from an identity and access management point of view.
A 34 page guide for learning how to develop an assessment framework for people-centric authentication and login systems. Table of contents: Introduction Importance of Authentication Improved Security and Access Control Improved Trust and Accountability Compliance with Regulations Supporting Personalization and User Experience Foundation for Authorization Minimizing Insider Threats Importance of Authentication Testing Increased Adversarial Targeting […]
This four-day security extravaganza tours the world, and I attended the keynotes and briefings sessions on the 6th and 7th. Clearly this is a broader security conference, but as always the role of identity and access management appears in more ways than previous and often in slightly less obvious ways.