Authorization that Scales to the Cloud and Beyond

Companies are leveraging cloud native capabilities such as storage, orchestration, and compute to deliver value to their business; and much of net new application development now takes place in the cloud at a faster pace than ever before. We see the proliferation of more services, more users, and more data which all translate to more […]

Dynamic Policy Driven Authorization for Agile Enterprises

Authorization is more relevant than ever. In particular, the pace of technological change argues against the hard-coded access control hierarchies of the past. Business disruptors impact many industries (such as IoT) and force companies to be more agile and proactive (rather than reactive). The new way forward is to choose patterns and technologies that will […]

Get to the Cloud Faster, and More Securely

As enterprises continue to migrate applications, services and workloads to the cloud, they are addressing the challenge of how to protect resources in an open, cloud environment while also securely sharing the right information. It’s an opportunity to rethink how your enterprise manages Identity and Access Management (IAM) and how to ensure that your cloud […]

MuleSoft Anypoint Platform Integration

A policy-based approach like dynamic authorization provides fine-grained access control and the protection of IP and critical assets that are part of fast-moving API projects.

Securing Critical Enterprise Applications and APIs with Dynamic, Risk-based Authorization and Governance

Until now, Identity Governance and Administration (IGA) and ABAC tools have largely been deployed and operated independently of each other. However, there is significant value in describing and implementing a set of use cases where integrations between IGA and ABAC systems can be accomplished to further ensure best-in-class IAM. Growing customer requirements are the key […]

Dynamic Authorization Extension for SharePoint®

The Dynamic Authorization Extension for SharePoint integrates the Axiomatics Policy Server into existing SharePoint sites to provide dynamic Attribute Based Access Control (ABAC) to assets managed within SharePoint. This extension will reduce time spent managing authorization and enable centralized reporting to ease the administration and management burden. The visibility into access control helps to audit […]

Securing APIs and Microservices with ABAC, OAuth, and OIDC

Attribute Based Access Control (ABAC), OAuth 2.0 and OpenID Connect (OIDC) are complementary standards that can be used individually or in concert to offer comprehensive access control for applications that are built using microservice and API approaches. In this webinar, Gerry Gebel and David Brossard outline a set of examples where security standards work together […]

Authorization Made Simple: Using ALFA, REST, and JSON to Secure Applications

As more companies across all industries develop more applications, the challenge of securing those applications becomes more complex. In this webinar, Jonas Iggbom and David Brossard of Axiomatics discuss how easily authorization can be externalized from your apps, expressed as policies, and enforced consistently using ALFA, XACML, and the Axiomatics Policy Server. Fill out the […]

Streamline Access Control with Federated Identity and ABAC

Enterprises are pained by legacy access control approaches. They are looking to achieve better access control management and consistency along with strong audit control and ease of record keeping and archiving. But the challenges are many: Lines of business have defined their own roles for access. Silos in the organization have different models and patterns […]

KuppingerCole Report – Executive View: Axiomatics Policy Server

The Axiomatics Policy Server (APS) has been named among the leading access control solutions for its outstanding features according to KuppingerCole in this Executive View report. Axiomatics provides a complete enterprise-grade dynamic authorization solution that can address an organization’s breadth of access control needs. APS makes available a suite of tools and services to manage […]

Glossary of Terms: Understanding Attribute Based Access Control

This glossary includes terms defined for architecture, services, and key phrases related to Attribute Based Access Control and the Axiomatics Product Suite.

Axiomatics Data Access Filter for Multiple Databases – Product Sheet

Get to the heart of access control, with policy-based authorization applied on the content of relational databases. The Axiomatics Data Access Filter for Multiple Databases derives user permissions from real-time evaluation of policies, and can filter, mask or redact based on these same policies. This data-centric security approach provides the visibility and control required in today’s […]

KuppingerCole Report – Executive View: Axiomatics Data Centric Security

KuppingerCole’s Executive View reports offer advice to IT professionals looking for data-centric security. In the October 2017 report, Axiomatics’ data-centric dynamic authorization suite is profiled. The report sheds light on two flagship products: Axiomatics Data Access Filter for Multiple Databases and Axiomatics SmartGuard™ for Big Data, both of which apply an Attribute Based Access Control […]

Dynamic Externalized Authorization for the Evolution of the Service-Oriented Architecture – Using ABAC for APIs and Microservices

As opposed to traditional monolithic applications, a (micro)service-based architecture comprises multiple loosely coupled modules (“services”) that serve specific business purposes and communicate over lightweight network protocols. Such services can be developed, deployed and scaled independently on different platforms, which greatly reduces the time needed to bring as new product to market and allows for continuous […]

Empower the New Identity Architecture: Combine a Federated Identity Service with Attribute Based Access Control (ABAC)

In today’s complex identity infrastructures, flexibility has become an essential requirement. The rise of cloud-based platforms, SaaS applications along with other industry trends such as Internet of Things (IoT), and Big Data has added to the number of distributed identity silos that enterprises must manage. Implementing fine-grained access control across a wider array of sensitive […]

EY Digital Identity and Access Management Report

As organizations shift business strategies towards new digital channels to maintain a competitive advantage, and consumers become increasingly reliant on multiple device connections, cybersecurity threats are becoming more prolific and more sophisticated than ever before. Cybersecurity is no longer about prevention, but rather about detection and readiness for the inevitable. And everyone, from boardroom to […]

Why Axiomatics Federal?

  As the global independent leader in Dynamic Authorization solutions for Federal Government, our people, expertise, and our best-in-class software set us apart. Agencies come to us to solve complex use cases around access control to applications, databases, Big Data, microservices, and APIs. Through a policy-based approach to dynamic authorization that utilizes the Attribute Based […]

KuppingerCole Executive View: Axiomatics Policy Management Suite

The Axiomatics Policy Management suite provides a solution for companies wanting to provide fine grained access control to protected resources. This means evaluating a user’s access request, at runtime, against pre-determined policies to either permit or deny the user’s request. Applications then apply the decision. The Axiomatics Policy Suite was featured in this Leadership Compass […]

Why Axiomatics?

As the global independent leader in Dynamic Authorization solutions, our people, expertise, and our best-in-class software set us apart. Customers come to us to solve complex use cases around access control to applications, databases, Big Data, microservices, and APIs. Through a policy-based approach to dynamic authorization that utilizes the Attribute Based Access Control (ABAC) model, […]

Federal Mission: Security Compliance using Externalized Authorization Management (EAM)

United States federal agencies are beholden to myriad regulations and standards, some of the most notable of which are the FIPS Publication 200 and the NIST Special Publication 800-53. Both documents, in combination, “ensure that appropriate security requirements and security controls are applied to all federal information and information systems.” These documents offer guidance on […]

Solving New Collaboration, Security, Cloud and Mobilization Challenges in the Energy Sector

Discover how companies in the power and utilities sectors can use attribute based access control to safeguard and securely share sensitive data within their ecosystems.

Webinar: Externalized Dynamic Authorization in a [Micro]Services World

Externalized Dynamic Authorization in a [Micro]Services World Key Takeaways: Enforcing authorization on the response leg to incorporate characteristics of the resources being protected Utilizing scopes only for what they were intended: delegated consent Filtering data at the Policy Enforcement Point Deploying authorization services as a microservice Fill out the form below to view this webinar.

Protect Critical Data and Enable Collaboration with ABAC

Access control has evolved to meet the changing security challenges organizations face in the digital age. Attribute Based Access Control, known in brief as ABAC, is quickly becoming the standard model for organizations confronted by the need for a robust and flexible solution to today’s increasingly complex security demands. Download the PDF to learn more […]

How ABAC fits into an IAM Framework

IAM teams are finding that Attribute Based Access Control is key to meeting regulatory and compliance requirements. ABAC is an access control approach that is recommended by NIST and discussed in their Guide to Attribute Based Access Control (ABAC) Definition and Considerations (NIST Special Publication 800-162) document. With ABAC, the use of subject, environment, and […]

The Basics of Attribute Based Access Control (ABAC)

Traditionally, the focus of authorization and access control has been on building barriers to sensitive data and only making it available to a select few. But that’s changed as companies want to get more from their data and make it really work for them. Authorization is now about facilitating user access to the right data […]

Data-centric Security for Pharmaceuticals – Executive Summary

Providing the right stakeholders with unobstructed access to sensitive data is essential in any industry. Within the pharmaceutical and biotech industries, inefficient data sharing and collaboration slow down the research process and delay the launch of new products. However implementing an effective data share approach can be extremely complex through a combination of business, security, privacy and regulatory […]

Axiomatics Dynamic Authorization

Unified Dynamic Authorization: Enterprise Access Control, Anywhere, anytime.  Axiomatics provides externalized authorization through attribute and policy-based access control for applications, databases, Big Data, APIs and microservices. As the premier vendor in authorization, Axiomatics solutions are ideal for enterprises and government agencies that need to securely share information, while complying with complex and ever-evolving regulations. The Axiomatics […]

KuppingerCole Executive View: Axiomatics Data Access Filter

Managing access to data held in databases is becoming increasingly important. We need a way to mask sensitive data from those who should not see it and deliver content those who should. We also need to do this dynamically, removing access on a real-time basis as user authorization changes. This Executive View from analyst firm […]

Enforcing Fine Grained Access Control Policies to Meet Legal Requirements

A Webinar with Axiomatics and IAM Analysts KuppingerCole: Take me to recording Join Axiomatics and leading analyst firm KuppingerCole to learn more about Attribute Based Access Control (ABAC). ABAC solutions provide an organization with the power to control access to protected resources via a set of policies. These policies express the increasingly complicated legal and business environments […]

The CISO’s Guide to Planning for ABAC Success – with Guest Speakers from Security Architects Partners

A webinar with Axiomatics and Security Architects Partners Axiomatics and Security Architects Partners present this session on the components for a successful transition from legacy access control models, such as Role-based Access Control, to one that enables dynamic authorization. Attribute Based Access Control, known as ABAC, is the new model for access control as identified by NIST […]

Delivering Fine-Grained Authorization Today by Leveraging a Federated Identity Service and ABAC

A webinar with Axiomatics and Radiant Logic View the recording here: http://www.radiantlogic.com/learning-center/events/webinars/webinar-3312016/ A recent Gartner report predicts that by 2020, 70% of organizations will use Attribute-Based Access Control (ABAC) to protect critical assets, up from 5% today. We all know that ABAC—for fine-grained authorization, externalized and standards-based representation of policies—is the way to go. Along the way, […]

How Top Banks Use an Attribute-Based Approach (ABAC) to Protect PII, Critical Assets, and Meet Regulations

Find out why Attribute Based Access Control is the solution for the world’s leading banks and financial institutions. As demands for better online services– from customers, staff and third parties – escalate, so too do the number and complexity of regulations. The list of requirements is many: FFIEC, FRB, FDIC, OCC, NCUA, CFPB, ACSSS to […]

Making a Business Case for Attribute Based Access Control (ABAC)

Cut Costs, Streamline Access Control and Achieve Compliance. Are you looking to shift your access control approach to handle today’s complex IT environment? Or maybe you’re find you’re already spending too much time and money managing access control and it’s not meeting your security expectations? In fact, we see many security architecture teams across the Fortune […]

Axiomatics Policy Auditor

The Axiomatics Policy Auditor (APA) with Prover Plug-In1 delivers a platform for auditors and IT administrators to analyze and audit eXtensible Access Control Markup Language (XACML) policies within an organization. Designed with business users in mind, the APA simplifies the task of auditing security policies by allowing its users to: Verify compliance of XACML policies. […]

The Identity & Access Management (R)evolution

Ready to evolve your access control to meet new complexities? Many organizations are currently striving to develop new strategies in their IAM vision and roadmap planning. While investments that are already in place need to be leveraged, organizations look for IAM capabilities that will make them more agile and responsive to change requests. This paper […]

Swiss Re – User Permisson Management

The insurance sector is highly regulated. Sensitive information must be protected in compliance with regulations, with as little impact on business as possible. At the same time compliance with regulations has to be proven to auditors. Key to this is managing and enforcing user permissions to information. However, in many organizations legacy IT systems and […]

Cross Border Privacy Enforcement – Global Financial Services and the Data Flow Challenge

Privacy regulations impact cross-border transactions in the financial services industry. Domestic processing of personally identifiable information (PII) and the transfer thereof for storage or processing outside the country’s jurisdiction are scenarios with different regulatory mandates. This business case brief will highlight the challenges and solution to secure information and to be compliant with regulations. Key […]

Beyond Database Security

This is a joint webinar together with analyst firm KuppingerCole. Controlling access to databases can be anything between complex, performance-breaking and not fine-grained enough. In this webinar we will explore new approaches to this challenge and how they tackle frequent performance and security issues. The more information is available to and shared with those who […]

Flexible and Dynamic Security for the Data-Centric Enterprise

Requirements for securing data often pass down from C-level executives through multiple layers: from security architects out to the teams and systems administrators responsible for implementing security requirements. At each step, different tools are used to achieve the objectives, making it difficult to trace the security configuration back to the original requirements. This results in […]