Our Blog

Conversations and Insights from Identity Experts:

ACL, RBAC, ABAC, PBAC, RADAC, and a Dash of CBAC

ACL, RBAC, ABAC, PBAC, RADAC, and a Dash of CBAC

As the title of this posting probably tells you, there are a LOT of acronyms out there talking about access control. To level the set, here are a few translations: ACL: Access Control List This is your basic gatekeeper. ACL has a list of users and a simple yes/no function, like a doorman at an […]

Unexpected Security Breaches

Unexpected Security Breaches

Hackers are extremely creative. It’s not just phishing and knocking — hackers will try every crevice and every small hole, even things you would never think of as a way into your data center. The reason you need zero-trust security is because you never know how they’re going to slip behind the scenes and gain […]

Meet Cloudentity’s New Board Advisor

Meet Cloudentity’s New Board Advisor

Over the last 20+ years, if you didn’t offer an open API as a software maker, you were not invited to sit at the cool kids table. The culture of interconnected software has rapidly fostered tech prosperity and business growth to the point where the API has become the new database. Just imagine the possibilities, […]

API Security: More Than Just Apps

API Security: More Than Just Apps

Back in 2007, Apple launched the iPhone and created a whole new way of developing software: apps. Before apps, most development relied on a full stack of a UI tied closely to code that pulled content from databases. You secured the entire stack, and the idea of separating your security concerns was not only unheard […]

Why We Secure Our Systems

Why We Secure Our Systems

In computer technology, we talk about security breaches and how to prevent them, but honestly, we have different kinds of breaches and different reasons to want to prevent them. Sure, we hear the stats like “60 percent of small companies that suffer a cyber-attack are out of business within six months,” but what is it […]

Cloudentity Benefits (in under Two Minutes)

Cloudentity Benefits (in under Two Minutes)

The Cloudentity stack is very powerful and very flexible, which means it’s hard to tell the story from one person’s point of view. We’ve created a short video, available on our YouTube channel, to explain from four different people’s perspectives how your organization can benefit from our cloud security program. Experience the advantages for yourself […]

East/West Is the New North/South

East/West Is the New North/South

In today’s connected world, your biggest security holes may be within your own applications and APIs. Discover how implementing Cloudentity’s context-aware Zero Trust platform provides maximum protection, is easy to implement, and enables you to adopt this best-practice security model with confidence.  The data center, whether on-premises, in the cloud, or as a hybrid mix […]

Identity and Security Starts at Home

Identity and Security Starts at Home

I started my career back in the days when we hosted servers in the basement of the office. At the time, we never really thought much about security until we deployed the code (which pretty much meant FTPing a bunch of files to a server). Security was handled at the router first, blocking malicious traffic […]

Defense In-Depth For an API and DevOps Security

Defense In-Depth For an API and DevOps Security

Authorization has come along way since setting bits in the file system. With the advancements in machine learning, big data, and behavioral profiling, it’s time for authorization to take its next generational leap and move into a flexible, risk-based access control model that works in concert with legacy access control policies. Cloud Authorization engines must […]

The Modern World of APIs (or is that Airports?)

The Modern World of APIs (or is that Airports?)

The term “API” is tricky. It stands for application programming interface, but a lot of people seem to think it means “all powerful incantation.” You always see decision makers sigh in relief when they find out a product they’re looking at has an API; they’re not sure what it means, but they know their developers […]