Information Management: Federal Trends 2020

This article appeared recently in Information Management. Written by Gerry Gebel the Vice president of business development at Axiomatics. Information Management: 6 Data Security Trends and Challenges for Federal Agencies in 2020 Data security is rapidly evolving in the federal sector as new threats and challenges emerge daily. Every year, new devices and technologies emerge […]

Modern Web Application Security for “Cloud First” Initiatives

The richness of Web Access Management (WAM) is critical to your organization because it’s often the hub of access for customers, employees, third parties and more. And so is your “Cloud First” strategy. Single sign-on is expected, but achieving this while securing access to your applications in a Cloud-Hybrid word is fraught with risks and […]

SC Magazine: DevOps to DevSecOps: How to ensure a smooth transition

This article by Niklas Jakobsson, CEO of Axiomatics, originally appeared in SC Magazine. SC Magazine: DevOps to DevSecOps: How to ensure a smooth transition Security technologies must fit into an automated model so they can be deployed and managed in the same manner as a microservices architecture or the full potential of DevSecOps will not […]

Open Source API Gateways and Dynamic Authorization: Working with Kong

APIs are used in almost all modern application projects and are usually tightly coupled with microservices. Securing APIs in different ways is critical and although many API gateways can handle basic security, they usually lack the capability to apply fine-grained policy based authorization. In this session, Jonas Iggbom from Axiomatics shows how Axiomatics operates with […]

Axiomatics Latest Updates Improve Delivery of Dynamic Authorization for Hybrid, Cloud Environments

Axiomatics is improving the delivery of dynamic authorization for multiple assets across hybrid, cloud and on-prem environments. IDN looks at the latest Axiomatics Policy Server and other updates with company execs. This article originally appeared in Integration Developer News. by Vance McCarthy, Integration Developer News “Our cloud-native PDP ensures all elements of the cloud remain […]

Dynamic Authorization for the Apigee API Gateway

One of the most common API gateways in the market that Axiomatics customers work with is Apigee. This gateway comes with built-in capabilities for extending the authorization and with that calling an external authorization service. Apigee also has capabilities to be extended using custom coding/development. Axiomatics and Apigee can be configured to apply authorization on […]

VMblog shares Axiomatics 2019 Predictions: Data Security

2019 Modern Data Center Technology Prediction Series Industry executives and experts share their predictions for 2019. Gerry Gebel, our VP of Business Development, contributed this article as part of the 11th annual VMblog.com series exclusive. Data Security As new security threats emerge and threaten sensitive customer information, businesses must develop new procedures and adopt modern […]

Axiomatics Policy Server Product Sheet

The Axiomatics Policy Server is the industry-leading solution to control access to critical applications. Using externalized dynamic authorization, it provides the most efficient policy engine on the market, and the most complete solution available for enterprise-wide roll out of Policy and Attribute Based Access Control (PBAC and ABAC). With on-premise, hybrid and cloud-native capabilities, this […]

IT Pro Portal:Critical Data Security Trends for 2019 and beyond

An article by Gerry Gebel in www.itproportal.com; IT Pro Portal covers the Critical Data Security Trends for 2019 and beyond.  It originally appeared here. Critical data security trends for 2019 and beyond Let’s take an in-depth look into the trends we expect to shape the data security landscape next year. Enterprise security is rapidly evolving […]

CloudPost: Seven Big Data Security Trends of 2019

2018 was a monumental year for cloud technologies and data security. As businesses moved application workflows to the cloud, they were forced to manage new data security challenges to balance a new modern hybrid data storage model that combines both cloud and on-premise infrastructures. An article in CloudPost By Gerry Gebel, Vice President of Business Development  […]

JAXenter: Predictions for the new year – Crucial data security trends and challenges for 2019

2019 has only just begun – what will the year hold? Ring in the new year with tech predictions from the experts. Today, Pablo Giambiagi, Vice President of Strategic Research at Axiomatics dives into the trends and challenges for data security in 2019. Read the article in its entirety here. Predictions for the new year: […]

Insights Success: Axiomatics Feature

Axiomatics: An Independent Leader in Dynamic Authorization Solutions Axiomatics was featured in Insights Success as the leader in dynamic authorization. Read the full article here: Axiomatics: An Independent Leader in Dynamic Authorization Solutions   Headquartered at Stockholm, Sweden, Axiomatics provides access control software that protects the most critical assets of today’s modern enterprises. This includes applications and […]

TMCnet InfoTech Spotlight: Federated Identity Management and Dynamic Authorization

TMCnet InfoTech Spotlight: Combining Federated Identity Management with Dynamic Authorization The virtualization of nearly everything digital is pushing more and more applications, services, storage, and compute to the cloud, now including real time communications (voice, video, messaging, collaboration) and combinations of connected machines and humans. Enterprises, governments, and individuals are operating in continuous contact, in […]

Dynamic Policy Driven Authorization for Agile Enterprises

Authorization is more relevant than ever. In particular, the pace of technological change argues against the hard-coded access control hierarchies of the past. Business disruptors impact many industries (such as IoT) and force companies to be more agile and proactive (rather than reactive). The new way forward is to choose patterns and technologies that will […]

Granular Access Control for a Complex Business Model

Modernizing Access Control in a B2B2C Organization with Dynamic Authorization The Company needed to securely share data throughout the complex delivery layers of a “B2B2C” model. The Company contracts third party organizations that perform sales, marketing, and product installation. Due to the unique nature of their financing product, The Company’s decision logic, workflow, reporting and […]

DevOps.com Feature: DevOps: Making the Development Cycle More Secure

By Gerry Gebel for DevOps.com Fundamentally, DevOps is all about speed and agility. Customers expect companies to deliver and update applications at an accelerated pace and businesses must adopt modern technologies to meet customer expectations. With DevOps, organizations can implement a continuous development and deployment cycle to reap a multitude of benefits. Not only can […]

CSO Online Feature: Connecting ABAC to Identity Governance and Administration to Extend Access Control Capabilities

Enterprises need an approach to improve synergies between existing IAM technologies As applications, data and infrastructure continue moving into the cloud, the need for authorization of users to have the right access at the right time increases as well. The new enterprise is a hybrid of cloud and on-premise deployments all requiring a vetted, comprehensive […]

CloudPOST Feature: Establishing a Secure Cloud Infrastructure with Dynamic Authorization

By David Brossard for CloudPOST Today, it is imperative for businesses to increase scalability and enable collaboration among development teams to help solve complex challenges, all while cutting down on IT business costs. To accomplish this daunting task, more and more organizations are shifting their entire IT infrastructure to the cloud and adopting a “cloud everything” […]

DZone Feature: The Journey Toward Securing the Cloud

by Gerry Gebel for DZone.com If you are in the process of moving to the cloud or still in the planning stages, the need to address complex access control cases for cloud-based resources is a must. The migration from on-premise infrastructure to the cloud is underway. Many organizations are actively adopting a cloud-first approach and […]

Securing APIs and Microservices with ABAC, OAuth, and OIDC

Attribute Based Access Control (ABAC), OAuth 2.0 and OpenID Connect (OIDC) are complementary standards that can be used individually or in concert to offer comprehensive access control for applications that are built using microservice and API approaches. In this webinar, Gerry Gebel and David Brossard outline a set of examples where security standards work together […]

CSO Online Feature: Why You Need Both Authorization and Authentication

How to effectively manage IAM controls to secure critical assets by Gerry Gebel In previous posts I have discussed in depth the importance of authorization, specifically dynamic authorization, to control access to critical information assets. However, authorization is only a portion of the access control equation, another piece that organizations require is the authentication step […]

Technical Viewpoint: Protecting Microservices and APIs with ABAC, OAuth, and OpenID Connect

Attribute Based Access Control (ABAC), OAuth 2.0 and OpenID Connect (OIDC) are complementary standards that can be used individually or in concert to offer comprehensive access control for applications that are built using microservice and API approaches. This document outlines a set of examples where security standards work together in addressing requirements that are difficult […]

CSO Online Feature: How important defense in depth will be as the lines between security layers blur

By Gerry Gebel (This article originally appeared in CSO Online.) What key roles defense in depth and layered security will play in the digital age. Defense in depth and layered security feel like terms from a much simpler era in information security. It was not too long ago when these concepts seemed more applicable during […]

KuppingerCole Report – Executive View: Axiomatics Policy Server

The Axiomatics Policy Server (APS) has been named among the leading access control solutions for its outstanding features according to KuppingerCole in this Executive View report. Axiomatics provides a complete enterprise-grade dynamic authorization solution that can address an organization’s breadth of access control needs. APS makes available a suite of tools and services to manage […]

ReadITQuik Interviews Niklas Jakobsson, Axiomatics CEO

This week, read Niklas Jakobsson, CEO at Axiomatics talk about security services organizations should use to access data and resources and how the first line of protection should always be based on Attribute Based Access Control (ABAC) – a platform that can turn collaboration into a competitive advantage by enabling individuals within an organization to […]

CSO Online Feature: How Enterprise Security Transformed in 2017 and What Comes Next in 2018

Digital transformation and microservices made up the most impactful trends for the enterprise security industry in 2017, but what will have the biggest impact in 2018? Enterprise security is always evolving, not by choice but because organizations are constantly facing new security threats. As 2018 fast approaches, let’s take a quick look back at how […]

Axiomatics Identifies Transformative Enterprise Security Trends for 2018

DevSecOps, Securely Sharing Data and Regulatory Compliance Highlight the Trends to Watch for Enterprise Security in 2018 CHICAGO (December 13, 2017) – Axiomatics, the leader in fine-grained dynamic authorization, today announced the top enterprise security trends that will have significant ramifications for businesses in 2018 and beyond. The trends were compiled by a panel of security […]

Dynamic Externalized Authorization for the Evolution of the Service-Oriented Architecture – Using ABAC for APIs and Microservices

As opposed to traditional monolithic applications, a (micro)service-based architecture comprises multiple loosely coupled modules (“services”) that serve specific business purposes and communicate over lightweight network protocols. Such services can be developed, deployed and scaled independently on different platforms, which greatly reduces the time needed to bring as new product to market and allows for continuous […]

CSO Online Feature: Enhancing API Security, Dynamic Authorization to Protect Sensitive Data

Enhancing API Security: Dynamic Authorization to Protect Sensitive Data (September 11, 2017) Axiomatics’ Gerry Gebel featured in CSO Online API Gateways effectively manage the authentication of the user and provide service orchestration capabilities, but if sensitive data is involved, additional fine-grained authorization capabilities are required. Digital transformation continues to be a priority as organizations realize […]

KuppingerCole Executive View: Axiomatics Policy Management Suite

The Axiomatics Policy Management suite provides a solution for companies wanting to provide fine grained access control to protected resources. This means evaluating a user’s access request, at runtime, against pre-determined policies to either permit or deny the user’s request. Applications then apply the decision. The Axiomatics Policy Suite was featured in this Leadership Compass […]

5 Fast Facts for API Access Control

APIs have become the defacto method for connecting people with data. This is great news for users: access is much smoother and often instantaneous. But for administrators controlling sensitive data, access control is a major headache. With this in mind, we’ve outlined five key API access control facts – along with a little help on […]

Why Axiomatics?

As the global independent leader in Dynamic Authorization solutions, our people, expertise, and our best-in-class software set us apart. Customers come to us to solve complex use cases around access control to applications, databases, Big Data, microservices, and APIs. Through a policy-based approach to dynamic authorization that utilizes the Attribute Based Access Control (ABAC) model, […]

Webinar: Externalized Dynamic Authorization in a [Micro]Services World

Externalized Dynamic Authorization in a [Micro]Services World Key Takeaways: Enforcing authorization on the response leg to incorporate characteristics of the resources being protected Utilizing scopes only for what they were intended: delegated consent Filtering data at the Policy Enforcement Point Deploying authorization services as a microservice Fill out the form below to view this webinar.

The Basics of Attribute Based Access Control (ABAC)

Traditionally, the focus of authorization and access control has been on building barriers to sensitive data and only making it available to a select few. But that’s changed as companies want to get more from their data and make it really work for them. Authorization is now about facilitating user access to the right data […]

Axiomatics Primer: OAuth and OpenID Connect

Learn how to approach applying Externalized Dynamic Authorization to an API and/or microservices architecture that uses OAuth 2.0 flows and/or OpenID Connect (OIDC), with this Axiomatics Primer on the basics of OAuth and OpenID Connect.

Extending CA Single Sign-On with XACML Capabilities

Axiomatics CA Validated extension for CA Single Sign-On leverages Single Sign-On’s existing authorization capabilities and allows users to implement risk-intelligent policies that adapt with an organization’s changing IT environment. When used in combination, the solutions enable organizations to implement data governance with standards-based policies that control SOA and WAM. The CA Single Sign-On product is […]

Danish Defence – A Secure Solution for Sharing Information Electronically

A joint project with Axway, Axiomatics and Sopra Steria, this case study outlines the Danish Defence project. A secure solution forexposing APIs to send and receive information between their secure network and e-Boks. The solution also had to enable Danish Defence to communicate with other trusted third-party vendors, automate their processes, and sharply reduce costs. Read this case study […]

How Top Banks Use an Attribute-Based Approach (ABAC) to Protect PII, Critical Assets, and Meet Regulations

Find out why Attribute Based Access Control is the solution for the world’s leading banks and financial institutions. As demands for better online services– from customers, staff and third parties – escalate, so too do the number and complexity of regulations. The list of requirements is many: FFIEC, FRB, FDIC, OCC, NCUA, CFPB, ACSSS to […]

Joint webinar with Axway – Protecting Your Data Beyond the Enterprise with Fine Grained Access Control for APIs and Data

Please join Axiomatics and Mark O’Neill, VP of Innovation at Axway, as we discuss the role that fine grained access control plays in securing APIs and the data that flows through them. We will share best practices for deploying an API Gateway coupled with a powerful and flexible Policy Server to deliver scalable security with […]

Axiomatics Integration for CA API Gateway

APIs have revolutionized the way that application data can be accessed. The richness they offer enables organizations to cater for today’s modern way of communicating in a way that simply isn’t possible with a stand-alone legacy system approach. APIs have now become a prerequisite if you want a flexible and scalable system that can provide […]

API Authorization – Secure Sensitive Data with Attribute Based Access Control

In this session we have invited a very special guest speaker, Anderson Gray from CA Technologies for a look at the growth of APIs, trends, the use of API gateways and the need for more fine-grained access control. APIs have revolutionized the way that application data can be accessed, shared and monetized. But data must […]

The Key to API Security

This solution brief is an overview on how Attribute-Based Access Control (ABAC) brings security and agility to the API infrastructure. APIs have revolutionized the way we exchange data and have become the preferred method for exposing data to external parties. However, APIs that handle sensitive data pose security and data access control threats, and therefore […]

Enabling ABAC on APIs

Axiomatics attended the annual partner and customer conference Axway Connections at the prestigious Silverstone F1 circuit in Northamptonshire. Our VP of Customer Relations, David Brossard, held a session on enabling ABAC on APIs. View his presentation here. Highlights at the conference included: Customer Successes & Learnings Guest Speaker: A Perspective on the Digital Opportunity Governing the […]