Using the Power of Federated Identity and Dynamic Authorization to Streamline Access Control – with Radiant Logic

Enterprises are implementing Attribute-Based Access Control (ABAC) for externalized dynamic authorization that is both policy-based for easier audit and fine-grained enough that it can tackle any business requirement. Along the way, deployment challenges emerge: ABAC needs attributes, and attributes are linked to entities/objects and processes that are scattered across all identity and data silos. To provide […]

Authorization that Scales to the Cloud and Beyond

Companies are leveraging cloud native capabilities such as storage, orchestration, and compute to deliver value to their business; and much of net new application development now takes place in the cloud at a faster pace than ever before. We see the proliferation of more services, more users, and more data which all translate to more […]

VMblog shares Axiomatics 2019 Predictions: Data Security

2019 Modern Data Center Technology Prediction Series Industry executives and experts share their predictions for 2019. Gerry Gebel, our VP of Business Development, contributed this article as part of the 11th annual VMblog.com series exclusive. Data Security As new security threats emerge and threaten sensitive customer information, businesses must develop new procedures and adopt modern […]

CloudPost: Seven Big Data Security Trends of 2019

2018 was a monumental year for cloud technologies and data security. As businesses moved application workflows to the cloud, they were forced to manage new data security challenges to balance a new modern hybrid data storage model that combines both cloud and on-premise infrastructures. An article in CloudPost By Gerry Gebel, Vice President of Business Development  […]

DZone: Breaking Down the DevSecOps Approach

Take a look at how DevSecOps truly works to make your apps more secure. A feature article in DZone by Gerry Gebel. To keep pace with today’s on-demand world, organizations have shifted toward modern development practices like DevOps to immediately deliver products and services to their customers. DevOps merges software development and software operations teams, […]

DZone: Why Attribute-Based Access Control – The Evolution from RBAC to ABAC in Data Access Control

Learn more about the evolution from RBAC to ABAC in data access control. A feature article in DZone by Måns Håkansson Evolving from ACLs and RBAC, ABAC is now the standard model for organizations to ensure employees only have access to the information they need under the right circumstances. Today, data is often characterized as […]

Axiomatics Policy Server Data Sheet

The Axiomatics Policy Server (APS) provides a complete authorization infrastructure that scales with the needs of the enterprise. Its dynamic authorization capabilities have been designed to address the access-control needs of a broad range of systems and organizations. This is a technical data sheet. The Axiomatics Policy Server is the industry-leading solution to control access […]

Dynamic Policy Driven Authorization for Agile Enterprises

Authorization is more relevant than ever. In particular, the pace of technological change argues against the hard-coded access control hierarchies of the past. Business disruptors impact many industries (such as IoT) and force companies to be more agile and proactive (rather than reactive). The new way forward is to choose patterns and technologies that will […]

KuppingerCole Report – Executive View: Axiomatics Policy Server

The Axiomatics Policy Server (APS) has been named among the leading access control solutions for its outstanding features according to KuppingerCole in this Executive View report. Axiomatics provides a complete enterprise-grade dynamic authorization solution that can address an organization’s breadth of access control needs. APS makes available a suite of tools and services to manage […]

ReadITQuik Interviews Niklas Jakobsson, Axiomatics CEO

This week, read Niklas Jakobsson, CEO at Axiomatics talk about security services organizations should use to access data and resources and how the first line of protection should always be based on Attribute Based Access Control (ABAC) – a platform that can turn collaboration into a competitive advantage by enabling individuals within an organization to […]

CSO Online Feature: Using Dynamic Authorization to Navigate GDPR

With less than five months until the implementation of GDPR, organizations are scrambling to comply with the strict data security standards. by Gerry Gebel. This article originally appeared in CSO Online.  The implementation of the General Data Protection Regulation (GDPR) in the EU will impact hundreds of thousands of businesses globally. GDPR imposes a significant […]

CSO Online Feature: How Enterprise Security Transformed in 2017 and What Comes Next in 2018

Digital transformation and microservices made up the most impactful trends for the enterprise security industry in 2017, but what will have the biggest impact in 2018? Enterprise security is always evolving, not by choice but because organizations are constantly facing new security threats. As 2018 fast approaches, let’s take a quick look back at how […]

CSO Online Feature: Managing DevOps with Dynamic Authorization

Security technologies, like Dynamic Authorization, are an integral part of the devops methodology and should be managed in the same manner as the application itself. by Gerry Gebel In today’s on-demand and fast-changing global economy, consumers expect companies to deliver and update products and services rapidly. Many organizations have turned to a devops methodology to […]

EY Digital Identity and Access Management Report

As organizations shift business strategies towards new digital channels to maintain a competitive advantage, and consumers become increasingly reliant on multiple device connections, cybersecurity threats are becoming more prolific and more sophisticated than ever before. Cybersecurity is no longer about prevention, but rather about detection and readiness for the inevitable. And everyone, from boardroom to […]

KuppingerCole Executive View: Axiomatics Policy Management Suite

The Axiomatics Policy Management suite provides a solution for companies wanting to provide fine grained access control to protected resources. This means evaluating a user’s access request, at runtime, against pre-determined policies to either permit or deny the user’s request. Applications then apply the decision. The Axiomatics Policy Suite was featured in this Leadership Compass […]

Why Axiomatics?

As the global independent leader in Dynamic Authorization solutions, our people, expertise, and our best-in-class software set us apart. Customers come to us to solve complex use cases around access control to applications, databases, Big Data, microservices, and APIs. Through a policy-based approach to dynamic authorization that utilizes the Attribute Based Access Control (ABAC) model, […]

Federal Mission: Security Compliance using Externalized Authorization Management (EAM)

United States federal agencies are beholden to myriad regulations and standards, some of the most notable of which are the FIPS Publication 200 and the NIST Special Publication 800-53. Both documents, in combination, “ensure that appropriate security requirements and security controls are applied to all federal information and information systems.” These documents offer guidance on […]

Protect Critical Data and Enable Collaboration with ABAC

Access control has evolved to meet the changing security challenges organizations face in the digital age. Attribute Based Access Control, known in brief as ABAC, is quickly becoming the standard model for organizations confronted by the need for a robust and flexible solution to today’s increasingly complex security demands. Download the PDF to learn more […]

The Basics of Attribute Based Access Control (ABAC)

Traditionally, the focus of authorization and access control has been on building barriers to sensitive data and only making it available to a select few. But that’s changed as companies want to get more from their data and make it really work for them. Authorization is now about facilitating user access to the right data […]

Why Externalized Authorization? (for Federal Government)

“What will my organization gain from externalized authorization?” It’s a question our team hears often. Axiomatics understands our dynamic world that requires organizations to be more responsive. Typically, information and application access policies are hard coded into the application. That requires many months of coding efforts and man hours to make any policy changes, which no […]

Why You Should Externalize Your Authorization

“What will my organization gain from externalized authorization?” “Will our performance suffer?” “My team enjoys the challenge of writing their own code.” Axiomatics understands our dynamic world that requires organizations to be more responsive. Typically, information and application access policies are hard coded into the application. That requires many months of coding efforts and man hours […]

Axiomatics Dynamic Authorization

Unified Dynamic Authorization: Enterprise Access Control, Anywhere, anytime.  Axiomatics provides externalized authorization through attribute and policy-based access control for applications, databases, Big Data, APIs and microservices. As the premier vendor in authorization, Axiomatics solutions are ideal for enterprises and government agencies that need to securely share information, while complying with complex and ever-evolving regulations. The Axiomatics […]

(Big) Data Security: Protecting Information at the Source

With the growing adoption of cloud computing, Big Data or open APIs, managing, securing and sharing massive amounts of digital data across heterogeneous and increasingly interconnected infrastructures is becoming increasingly difficult. From file servers to relational databases and big data frameworks, to the Internet of Things and entire API ecosystems – each data model imposes […]

KuppingerCole Leadership Compass 2014

The Axiomatics Policy Server was featured in this Leadership Compass from KuppingerCole, by analyst Graham Williamson: Dynamic Authorization Management: Leaders in innovation, product features, and market reach for Dynamic Authorization Management. Your compass for finding the right path in the market. Axiomatics provides a sophisticated policy management environment. It divides policies into domains and allows a […]

KuppingerCole Executive View: Axiomatics Data Access Filter

Managing access to data held in databases is becoming increasingly important. We need a way to mask sensitive data from those who should not see it and deliver content those who should. We also need to do this dynamically, removing access on a real-time basis as user authorization changes. This Executive View from analyst firm […]

Five Ways to Prepare for an ABAC Program

As adoption of a policy-based approach to access control using ABAC becomes more widespread, organizations are faced with the challenges of how to prepare for a deployment: to ensure speed-to-market, enterprise-wide adoption and ROI achievement. Check out this guide to the five areas to consider in preparing for ABAC in your organization.

SmartGuard® for Data – Data Sheet

SmartGuard for Data from Axiomatics protects big data stores against unauthorized access and exfiltration of data; only allowing authorized users or applications to access the data they’re authorized to see, at the right time, under the right conditions. This data sheet outlines the technical specs and requirements for this product, including the Spark SQL Edition. […]

Vital Authorization Add-ons – Reporting, auditing and access review for Axiomatics Policy Server and Data Access Filter

This product sheet highlights the reporting, auditing and access review add-ons we provide.

The CISO’s Guide to Planning for ABAC Success – with Guest Speakers from Security Architects Partners

A webinar with Axiomatics and Security Architects Partners Axiomatics and Security Architects Partners present this session on the components for a successful transition from legacy access control models, such as Role-based Access Control, to one that enables dynamic authorization. Attribute Based Access Control, known as ABAC, is the new model for access control as identified by NIST […]

Delivering Fine-Grained Authorization Today by Leveraging a Federated Identity Service and ABAC

A webinar with Axiomatics and Radiant Logic View the recording here: http://www.radiantlogic.com/learning-center/events/webinars/webinar-3312016/ A recent Gartner report predicts that by 2020, 70% of organizations will use Attribute-Based Access Control (ABAC) to protect critical assets, up from 5% today. We all know that ABAC—for fine-grained authorization, externalized and standards-based representation of policies—is the way to go. Along the way, […]

Building Love and Compatibility between RBAC and ABAC

As legacy data access control models such as Role Based Access Control begin to break down, industries are moving to the next generation of access control: Attribute Based Access Control (also known as “ABAC”). Some experts say these two models are at odds, and to move properly, enterprises need to “rip and replace” to a […]

New Years Detox – Eliminating Toxic Combinations in your Access Control

As access control has become more complex, the assignment of roles has exploded out of control, making it harder to eliminate toxic combinations of roles that end up allowing access that should actually be denied. For example, the same person entering a trade should not be allowed to confirm it as well, as this can lead […]

Centralizing the Code – Separating Authorization Logic from Apps

For any business in the Fortune 1000 – such as health care, insurance, banking, pharmaceuticals and manufacturing – the need to shift beyond legacy role-based access control models becomes more immediate with every data breach. There’s one trend that’s crossing industries – separating hard-coded authorization logic from applications: externalizing authorization and using a policy-based approach […]

KuppingerCole Executive View Axiomatics Data Access Filter

Managing access to data held in databases is becoming increasingly important. We need a way to mask sensitive data from those who should not see it and deliver content those who should. We also need to do this dynamically, removing access on a real-time basis as user authorization changes. This Executive View from analyst firm […]

Axiomatics Data Access Filter for Multiple Databases – Data Sheet

The Axiomatics Data Access Filter applies access policies to database requests, thereby ensuring that only authorized individuals are allowed to read and write data, and to further protect this data by dynamically masking or redacting it so that sensitive data is never exposed. Get the technical details on how the product works and the system […]

Axiomatics Integration for CA API Gateway

APIs have revolutionized the way that application data can be accessed. The richness they offer enables organizations to cater for today’s modern way of communicating in a way that simply isn’t possible with a stand-alone legacy system approach. APIs have now become a prerequisite if you want a flexible and scalable system that can provide […]

From Static Roles to Dynamic Attribute-Based Authorization

This is a joint webinar together with analyst firm KuppingerCole. The webinar is hosted on KuppingerCole’s website.  Take me to the webinar Dynamic authorisation systems complement or replace the rigid role concepts through direct implementation of business-driven authorisation rules in the form of policies, and they make decisions about the access of employees, partners, and […]

Axiomatics Bootcamp 201 – Using JSON and REST Profiles for External Authorization

JSON and REST are widely used to implement lightweight and fast web services. This Axiomatics Boot Camp session will provide technical insight into using these XACML profiles for externalized authorization. This is a prime session if you’re a developer or architect and are looking to adopt Attribute Based Access Control. Key takeaways: What is Attribute […]

Getting the OWASP Top Ten Right with Dynamic Authorization

The non-stop drum beat of data breaches and non-stop security issues show that a new approach to security is required writ large. Application security can be improved through fine-grained, dynamic access control. However not all application security issues are best solved with classic access control schemes. Attackers are intelligent and adaptable. For them, the access […]

Meeting Health Care Privacy Regulations with Attribute Based Access Control

Personally Identifiable Information (PII) with related sensitive health care data is increasingly being maintained in electronic records. This means PII data can be made available, reproduced and transferred with more ease than ever before. Legislation in many countries is being adapted to secure trust in institutions, to meet the confidentiality and privacy concerns that are […]

The Identity & Access Management (R)evolution

Ready to evolve your access control to meet new complexities? Many organizations are currently striving to develop new strategies in their IAM vision and roadmap planning. While investments that are already in place need to be leveraged, organizations look for IAM capabilities that will make them more agile and responsive to change requests. This paper […]

Shifting to Attribute Based Access Control

No longer is a company’s data restricted by the boundaries imposed by physical office space and a local area network. Data sharing and collaboration transcend organizational borders and older models of access control cannot keep pace. They simply fail, and often with disastrous results. The static assignment of user permissions either directly or by way […]

Adding Fine-Grained Authorization to CA Single Sign-On

The Axiomatics Extension for CA Single Sign-On uses the Authorization API to seamlessly insert XACML capabilities into the product to add fine-grained authorization capabilities. Read more about how to add this integration on to your CA Single Sign-On installation. Key Takeaways: How the Axiomatics Extension for CA Single Sign-On allows you to combine Single Sign-On’s […]

Swiss Re – User Permisson Management

The insurance sector is highly regulated. Sensitive information must be protected in compliance with regulations, with as little impact on business as possible. At the same time compliance with regulations has to be proven to auditors. Key to this is managing and enforcing user permissions to information. However, in many organizations legacy IT systems and […]

Axiomatics Bootcamp ABAC 101

This “bootcamp” style webinar provides a basic overview of Attribute Based Access Control (ABAC) and how it helps solve complex data access control challenges. Enterprises and government agencies are making the shift to ABAC to help tackle specific use cases – including compliance with privacy laws, enabling inter-government agency collaboration, reduction of data leakage, combating […]

Enhancing Spring Security

Spring Security provides authentication, basic authorization and other security features for the widely used Java application framework Spring and it is a popular choice for use in the development of enterprise applications. It also provides an elegant way to cross-cut security concerns across various layers of the application, typically business and presentation tiers. In this […]

Overcoming Role Explosion Challenges with Attribute-Based Access Control

Access control has been predominantly managed with a legacy static model based on user roles – called “Role-based Access Control”, or RBAC. Enterprises that use RBAC are now experiencing role explosion – and difficulty scaling RBAC to meet the complex access control requirements of today’s workforce and the need to share, securely. Key Takeaways: Understanding an […]

Cutting Through Export Control with Bell Helicopter and Axiomatics

In this webinar, together with guest speaker Greg Heartsfield from Bell Helicopter, we will focus on the complexity of export control and PLM systems and the challenge of overseeing data classification schemes subject to change. Because PLM systems were designed to help collaboration across departments and external parties, these systems require fine-grained authorization to make […]

Flexible and Dynamic Security for the Data-Centric Enterprise

Requirements for securing data often pass down from C-level executives through multiple layers: from security architects out to the teams and systems administrators responsible for implementing security requirements. At each step, different tools are used to achieve the objectives, making it difficult to trace the security configuration back to the original requirements. This results in […]