Beyond OAuth: Securing APIs with Policies & ABAC

Måns Håkansson gave his presentation on securing APIs with policies and Attribute Based Access Control (ABAC) at this year’s KuppingerCole Cyber Access Summit / Cybersecurity Leadership Summit in Berlin on November 14th, 2018. Attribute Based Access Control (ABAC), OAuth 2.0 and OpenID Connect (OIDC) are complementary standards that can be used individually or in concert […]

Insights Success: Axiomatics Feature

Axiomatics was featured in Insights Success as the leader in dynamic authorization, in the article “Axiomatics: An Independent Leader in Dynamic Authorization Solutions”. Headquartered in Stockholm, Sweden, Axiomatics provides access control software that protects the most critical assets of today’s modern enterprises. This includes applications and […]

CSO Online Feature: When Security and Privacy Overrule Convenience

Organizations can enable end-to-end API security with OAuth, OpenID Connect and ABAC. By Gerry Gebel for CSO Online. Modern technology is constantly making our lives easier. Our phones and the applications we use make it more convenient to work, play and listen. If you need door-to-door ground transportation, you can access a ridesharing app to […]

DevOps.com Feature: DevOps: Making the Development Cycle More Secure

By Gerry Gebel for DevOps.com. Fundamentally, DevOps is all about speed and agility. Customers expect companies to deliver and update applications at an accelerated pace and businesses must adopt modern technologies to meet customer expectations. With DevOps, organizations can implement a continuous development and deployment cycle to reap a multitude of benefits. Not only can […]

CSO Online Feature: Connecting ABAC to Identity Governance and Administration to Extend Access Control Capabilities

Enterprises need an approach to improve synergies between existing IAM technologies. As applications, data and infrastructure continue moving into the cloud, the need for authorization of users to have the right access at the right time increases as well. The new enterprise is a hybrid of cloud and on-premise deployments all requiring a vetted, comprehensive […]

CloudPOST Feature: Establishing a Secure Cloud Infrastructure with Dynamic Authorization

By David Brossard for CloudPOST. Today, it is imperative for businesses to increase scalability and enable collaboration among development teams to help solve complex challenges, all while cutting down on IT business costs. To accomplish this daunting task, more and more organizations are shifting their entire IT infrastructure to the cloud and adopting a “cloud everything” […]

Securing APIs and Microservices with ABAC, OAuth, and OIDC

Attribute Based Access Control (ABAC), OAuth 2.0 and OpenID Connect (OIDC) are complementary standards that can be used individually or in concert to offer comprehensive access control for applications that are built using microservice and API approaches. In this webinar, Gerry Gebel and David Brossard outline a set of examples where security standards work together […]

Technical Viewpoint: Protecting Microservices and APIs with ABAC, OAuth, and OpenID Connect

Attribute Based Access Control (ABAC), OAuth 2.0 and OpenID Connect (OIDC) are complementary standards that can be used individually or in concert to offer comprehensive access control for applications that are built using microservice and API approaches. This document outlines a set of examples where security standards work together in addressing requirements that are difficult […]

CSO Online Feature: How Enterprise Security Transformed in 2017 and What Comes Next in 2018

Digital transformation and microservices made up the most impactful trends for the enterprise security industry in 2017, but what will have the biggest impact in 2018? Enterprise security is always evolving, not by choice but because organizations are constantly facing new security threats. As 2018 fast approaches, let’s take a quick look back at how […]

Axiomatics Identifies Transformative Enterprise Security Trends for 2018

DevSecOps, Securely Sharing Data and Regulatory Compliance Highlight the Trends to Watch for Enterprise Security in 2018. CHICAGO (December 13, 2017) – Axiomatics, the leader in fine-grained dynamic authorization, today announced the top enterprise security trends that will have significant ramifications for businesses in 2018 and beyond. The trends were compiled by a panel of security […]

Dynamic Externalized Authorization for the Evolution of the Service-Oriented Architecture – Using ABAC for APIs and Microservices

As opposed to traditional monolithic applications, a (micro)service-based architecture comprises multiple loosely coupled modules (“services”) that serve specific business purposes and communicate over lightweight network protocols. Such services can be developed, deployed and scaled independently on different platforms, which greatly reduces the time needed to bring a new product to market and allows for continuous […]

CSO Online Feature: Enhancing API Security, Dynamic Authorization to Protect Sensitive Data

Enhancing API Security: Dynamic Authorization to Protect Sensitive Data (September 11, 2017). Axiomatics’ Gerry Gebel featured in CSO Online. API Gateways effectively manage the authentication of the user and provide service orchestration capabilities, but if sensitive data is involved, additional fine-grained authorization capabilities are required. Digital transformation continues to be a priority as organizations realize […]

5 Fast Facts for API Access Control

APIs have become the de facto method for connecting people with data. This is great news for users: access is much smoother and often instantaneous. But for administrators controlling sensitive data, access control is a major headache. With this in mind, we’ve outlined five key API access control facts – along with a little help on […]

Webinar: Externalized Dynamic Authorization in a [Micro]Services World

Key takeaways: enforcing authorization on the response leg to incorporate characteristics of the resources being protected; utilizing scopes only for what they were intended: delegated consent; filtering data at the Policy Enforcement Point; deploying authorization services as a microservice.

Axiomatics Primer: OAuth and OpenID Connect

Learn how to approach applying Externalized Dynamic Authorization to an API and/or microservices architecture that uses OAuth 2.0 flows and/or OpenID Connect (OIDC), with this Axiomatics Primer on the basics of OAuth and OpenID Connect.