Company Updates & Technology Articles
sver: easy semantic versioning of your artifacts
Figuring out how to version your project can be a pain... let sver do the hard work - producing versions that are unique, sortable, human readable, and semantically correct.
Rego: getting started
Rego is a declarative language for writing policies. Here are a few tips and tricks for how to get started reading and writing Rego.
Addressing challenges with Github's authorization model
Github's authorization model uses a combination of roles and scopes, which makes it hard to pre-compute a user's access ahead of time.
The Architectural Challenge of Authorization
Unlike most developer APIs, authorization is in the critical path of every application request, and requires a different architecture.
Welcome to Modern Authorization
Why we started Aserto: the missing developer API for application authorization.
OAuth2 Scopes are NOT Permissions
OAuth2 scopes were never intended to be an authorization mechanism, and indeed are a bad idea when used as a substitute for a real authorization architecture.
Authentication != Authorization
Authentication is a solved problem. But authorization remains a far bigger problem, and is far from solved.