Blog

Company Updates & Technology Articles

Blog post cover
Blog post cover

How Airbnb and Uber authorize their apps: Real-world examples of ReBAC and ABAC

Explore real-world examples of attribute-based access control (ABAC) and relationship-based access control (ReBAC). Learn how Airbnb uses ReBAC to authorize external users and Uber uses ABAC to authorize internal users.

Feb 15th, 2024

Blog post cover

Product Pulse #6: Aserto supports Active Directory and LDAP

We’re excited to announce that as of January 2024, Aserto and Topaz fully support LDAP as a source of users and groups! The integration has been tested with the leading two implementations of LDAP - Active Directory and OpenLDAP. Read all about it in this post.

Feb 7th, 2024

Blog post cover

Authorization and the principle of least privilege

Zero trust has moved the burden of securing applications from the perimeter to the application. Based on this framework, we must assume a breach, verify entities explicitly, and implement the principle of least privilege. In this post, we explore how fine-grained authorization brings the principle of least privilege to life, enabling us to establish a robust security posture.

Feb 1st, 2024

Blog post cover

Unlocking modern, fine-grained authorization with Topaz

Aserto CEO, Omri Gazitt, and Damian Schenkelman from Okta discuss the current state of modern authorization on Authorization in Software. Tune in to learn all about modern authorization: what it is, the underlying design principles, why it is gaining momentum, and open-source projects that can help you build your fine-grained authorization system.


Jan 23rd, 2024

Blog post cover

When do you need attributes in fine-grained authorization?

Attribute-based and relationship-based access control are two popular authorization models. In this post, we review the best use cases for each model, and how to enjoy the benefits of both using open source.

Jan 17th, 2024