ObjectSecurity today announced that it has been awarded “America West Regional Finalist 2009” in the “Most Promising Security Start-up Category” for their OpenPMF™ product by the Global Security Challenge.
Developed since 2000, OpenPMF™ is a security extension for application development tools that makes application security manageable, cheaper, and less risky. It helps security professionals and application developers automatically secure today’s large, interconnected, rapidly evolving applications (e.g. SOA with BPM, Cloud, legacy). OpenPMF uniquely minimizes the security maintenance cost even for agile applications and workflows. It also automatically enforces and monitors security, an important element of SOA governance. It ties into development tools, which makes it a critical element of a secure application development lifecycle and IT best practices – dealing with policy abstraction, externalization, authoring, automation, enforcement, monitoring, and verification. OpenPMF is award-winning, patent-pending, proven and standards-based technology, with deployments including US Navy & Air Force & a European air traffic control simulation & training project.
1. Save time and money
Security professionals focus on security
Application professionals focus on the application
Automatically generate & update application security policies
2. Adopt security easily & flexibly
Development tool integration out of the box (Eclipse & Intalio)
Multiple licensing alternatives and gradual adoption options
No security expertise required
3. Align business & security, improved proactive security & agility
Removes technology and security silos, and reuses legacy
Security & development separated, but linked via policy
Comprehensive, fine-grained security monitoring & auditing
OpenPMF significantly simplifies security policy management thanks to its innovative model-driven security approach. It reduces cost/effort, aligns business and IT, enables secure IT agility, and enhances security. OpenPMF also includes multi-platform enforcement and monitoring. It offers far better flexibility and manageability than traditional identity management and authorization management solutions.