Whether they realize it or not, almost every company today is a software company as they build and re-architect a growing number of applications on a daily basis. Securing those applications and workloads requires implementing solid authentication and authorization. Authentication is responsible for verifying the identity of the requester, while authorization is responsible for putting […]
I’m pleased to introduce build.security – the first Authorization Policy Management platform and an important step towards bringing maturity to authorization as a field.
Authorization has been the giant white elephant of AppSec for far too long. Nearly every system today requires it, and organizations spend years of developer time trying to implement, develop, support and enhance authorization built into their code. However, good authorization is needlessly complex. Many organizations start with the basic structure of role-based access control […]