Company Updates & Technology Articles
Addressing the complexities of fine-grained authorization for applications
As organizations grapple with the complexities of managing access controls in an increasingly interconnected digital world, the need for a fine-grained authorization service comes to the forefront. In this recent episode of Identity Jedi, Aserto CEO, Omri Gazitt delves into the current state of modern authorization and the driving force behind Topaz and Aserto.
How Airbnb and Uber authorize their apps: Real-world examples of ReBAC and ABAC
Explore real-world examples of attribute-based access control (ABAC) and relationship-based access control (ReBAC). Learn how Airbnb uses ReBAC to authorize external users and Uber uses ABAC to authorize internal users.
Product Pulse #6: Aserto supports Active Directory and LDAP
We’re excited to announce that as of January 2024, Aserto and Topaz fully support LDAP as a source of users and groups! The integration has been tested with the leading two implementations of LDAP - Active Directory and OpenLDAP. Read all about it in this post.
Authorization and the principle of least privilege
Zero trust has moved the burden of securing applications from the perimeter to the application. Based on this framework, we must assume a breach, verify entities explicitly, and implement the principle of least privilege. In this post, we explore how fine-grained authorization brings the principle of least privilege to life, enabling us to establish a robust security posture.
Unlocking modern, fine-grained authorization with Topaz
Aserto CEO, Omri Gazitt, and Damian Schenkelman from Okta discuss the current state of modern authorization on Authorization in Software. Tune in to learn all about modern authorization: what it is, the underlying design principles, why it is gaining momentum, and open-source projects that can help you build your fine-grained authorization system.
When do you need attributes in fine-grained authorization?
Attribute-based and relationship-based access control are two popular authorization models. In this post, we review the best use cases for each model, and how to enjoy the benefits of both using open source.