Blog

Company Updates & Technology Articles

Five common authorization patterns

In this post we share five common authorization patterns, starting from the simplest IDP-based RBAC, and culminating in a combination of group-based RBAC with fine-grained permissions and fine-grained resources. You can easily evolve from the simple models to the more sophisticated ones, by evolving the authorization policy using Topaz.


Solving cloud-native authorization

Cloud-native authorization is hard. This post covers exactly why, and how to build fine-grained access control systems for cloud-native applications. We highlight a couple of open-source projects you can use today, as well as the "5 laws of cloud-native authorization."

Mar 14th, 2023


A CISO Perspective on Enterprise Forensics: How to Get Back From a Breach

Authorization decision logs provide accurate and detailed information about every action taken within the system for which those logs are being generated. These logs promote quick and effective responses which mitigate harm. And they do so more effectively than other logs or audit trails in isolation, and certainly when correlated with other information.

Mar 8th, 2023


Product Pulse #4: New directory and authorizer, evaluator, and more!

Over the past weeks we've rolled out a new version of our authorizer and directory. We’ve added the ability to support data-first ReBAC models and test permissions and relations between objects and subjects. And we've simplified user management for Aserto Organization admins.


Mar 1st, 2023


A secure software supply chain for OPA policies

OPA policies are important artifacts in the application lifecycle and need to be secured. You can do this by using the policy CLI from the OPCR project to build, tag, push, and pull OPA policies as OCI images, and the cosign CLI from the Sigstore project to sign and verify signatures over these images.

Feb 22nd, 2023


What Happens When Access Controls Fail

Broken access controls are among the world's most common sources of application security failures. The risk in allowing users to act outside of their intended permissions is as great as with any other kind of cyber failure, with potential for both reputational and financial consequences for organizations and their users alike.

Feb 15th, 2023


A CISO Perspective on Simplifying Compliance with Decision Logs

Driving compliance, or managing risk, is key for any organization. Competent cybersecurity demands the centralization of authorization decision logs. Knowing who is accessing what, when and why is critical to safeguarding your assets and data. Learn more in this post.

Feb 7th, 2023