Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

December 2022

A Primer on Policy-Based Access Management (PBAM)

Policy-based access management (PBAM) uses decoupled policy as code and a policy engine to provide real-time authorization decisions throughout the cloud-native ecosystem. This article presents an overview of policy-based access management, its benefits and implementation methods.

4 Cloud-Native Predictions for 2023

As AuthZ Becomes Mainstream, Policy as Code, Infrastructure as Code and Software Supply Chain Security Will Merge It’s the holiday season, which means it’s time for the greatest gift of all: next year’s predictions. Last year, we predicted that in 2022 security teams will embrace cloud-native tools to automate manual checks, that enterprises will increasingly shift on-prem resources into the cloud and that we’d see the emergence of a clear authorization market.

How to Establish a Zero Trust IAM Framework

Enterprises cannot implement Zero Trust cybersecurity without real-time dynamic authorization and authentication for every access request. The principles of Zero Trust and Identity and Access Management (IAM) best practices help fill the gaps that traditional cybersecurity systems often create and ignore.

Top 5 Access Control Challenges

Identity and access management (IAM) is an integral part of security systems. Without proper authentication and authorization, it would be impossible to practice cybersecurity principles such as zero trust and least privilege. By now, most organizations have a firm grasp on the identity part of IAM, including concepts like multi-factor and token-based authentication.

Dynamic Authorization with Policy-Based Access Management

Traditional or static authorization methods no longer meet the demands of today’s digital business environment. Data breaches are on the rise (a 23% increase in 2021, as per the Identity Theft Resource Center), forcing organizations to re-evaluate their security and compliance practices.

OPA Management: Challenges and Opportunities

The Open Policy Agent (OPA) is a policy engine that brings the speed, reliability and flexibility of decoupled policy as code to a wide range of authorization use cases across the cloud-native ecosystem. OPA is a Cloud Native Computing Foundation (CNCF) graduated project and has become an industry-wide standard for authorization, with several leading enterprises implementing it in their business-critical cloud systems.

8 Benefits of Externalized Authorization Management (EAM)

The evolution of application design and cloud-native technologies means that developers can no longer rely on traditional authentication and authorization methods to be effective. While new standards for authentication already exist and are easily implemented, authorization remains a challenge, especially in a fast-paced, dynamic cloud environment. One method of solving this issue is to externalize authorization, allowing policy management to be decoupled from the application itself.

What Is Fine-Grained Access Control?

A data and security breach often leads to fines and the loss of customer trust for organizations. An IBM report estimates that a data breach on average costs $4.35 million in 2022, a 2.6% increase from the previous year. The increased concern with data and security breaches — along with the need to address more complicated use cases — reinforces the call for more granular methods of access control.