The Case for Centralized IAM
Centralized IAM, and the benefits of implementing it in your organization.
Application authorization enthusiast with years of experience as a customer engineer, technical writing, and open-source community advocacy. Comunity Manager, Dev. Convention Extrovert and Meme Enthusiast.
Centralized IAM, and the benefits of implementing it in your organization.
The Bikini Bottom guide to RBAC authorization models and their implementation with OPA
A view of OPAL + OPA as an alternative to XACML
Intro to OPAL: an open-source administration layer for Open Policy Agent (OPA) that allows you to easily keep your authorization layer up-to-date in real-time
How to Build The Right App Authorization Solution - An Intro to Open Policy Agent
Preventing broken access control vulnerabilities: a CISO's perspective on the components and importance of proper permission management for cloud-native apps.
What changed, both in terms of the challenges and the solutions, and how we can adapt to these changes?
The Bikini Bottom guide to ABAC authorization models and their implementation with OPA
Access control is a must in evey app, yet most developers build and rebuild it time and time again. Why? Usually, they make one of these four crucial mistakes -
Permit.io's top 6 developer podcasts of 2022 that are definitely worth your time and attention
Get ready to rumble! Join us on a quest to find the best authorization policy model in an epic battle royale: RBAC vs. ABAC vs. ReBAC
Authentication and Authorization are two critical Identity Access Management (IAM) concepts. Although often confused, they have distinct meanings and functions.
How Netflix solved the challenge of authorizing millions of users by using OPA, how you can adopt this solution, and possibly create something even better
5 key factors for effective & scalable app authorization: simplicity, flexibility, compliance & more.
What is Attribute Based Access Control, when should it be used, how can you implement it in your application, and how can you provide a UI for managing it?
RBAC and ABAC are two of the most common authorization policy models out there. How do you choose the right one for your application?
Access Control is a main concern when developing web applications - and the NSA has a lot to say about it, especially the biggest pitfall developers make.
When building an app, good authorization is a must, and planning it ahead is critical. How do you plan effective, secure, and scalable AuthZ? Learn here -
Migrating from Role-based access control (RBAC) to Attribute-based access control (ABAC) can prove quite challenging - here's how you can do it painlessly.
AWS' new Cedar policy language is now open-source and live! See how you can make the best use of it with Permit.io
How (and why) should you implement RBAC with AWS' new Cedar policy engine
The latest OWASP "Top 10 API Security Risks" report once again lists "Broken Object Level Authorization" as its top 1 vulnerability. What can be done about it?
Why and how you should enhance your application's security and compliance with authorization audit logs.
Having an authorization layer is a must. But should you build one yourself?
What is authorization as a service? Why would you need it? Can you build authorization yourself? What options are there? Learn more here.
Choosing the right policy agent to handle your authorization is not a simple task - each offers its benefits and has its drawbacks. How to choose? Read here.
What is Relationship Based Access Control, when should it be used, how can you implement it in your application, and how can you provide a UI for managing it?
Learn how to implement Relationship-Based Access Control (ReBAC) with OPA - an open source policy engine for controlling access to systems and resources.
Learn from a real case study how to Shift-Left in a way that will impact the product's security. Minimize friction between security and development teams.
We just launched our developer tool on Product Hunt and got 'Product of the Day'. Here's how we did it. Some useful growth hacking tips.
RBAC vs. ReBAC - A comprehensive guide to the pros, cons, use cases, and implementation of these common authorization models
ABAC vs. ReBAC - A comprehensive guide to the pros, cons, use cases, and implementation of these common authorization models
"Shift-Left" is great, but often results in endless tasks and tools for devs instead of addressing the real issues. How can we avoid it? Implement good DevEx.
Explore top developer communities like Next.js and OpenAI. Dive into knowledge-rich hubs, collaborate, learn from experts, and stay ahead in tech trends.
Learn how, when, and where to use OAuth scopes for authorization. Get a clear understanding of OAuth scopes definition and their proper usage.
Protecting your user's personal medical information is vital in healthcare apps. Here's how to make sure you're doing everything to keep that data safe -
Learn how to implement proper authorization for a healthcare app with the help of Galactic Health Corporation - a Rick & Morty inspired healthcare application.
How Google built its access control with Google Zanzibar, and how you can model and build a 'Google Drive' style authorization system for your app yourself!