Access control

Home|Access control

Customers are not aware yet of ICS security risks that IIoT Apps bring

IIoT applications bring many ICS security risks to critical industries like manufacturing, energy, oil and gas, chemical, transportation. As a part of CEO Insights, Dr. Ulrich Lang, Co-founder and CEO of ObjectSecurity, explains what are the most critical cybersecurity risks, how to address them, and also what are the challenges and opportunities in this [...]

By |May 19th, 2017|

ObjectSecurity CEO opinion: Cybersecurity Market Failure

We hit the glass ceiling years ago! Hackers are winning unless we change! This slide deck was presented by ObjectSecurity CEO Dr. Ulrich Lang at ISSA Cornerstones of Trust 2015. The cyber security ecosystem is progressing too slowly; few game-changers find adoption. The “good guys” are operating under severe constraints: End-user organizations often cannot [...]

By |January 31st, 2017|

OpenPMF 4.0 Explainer & Demo Videos

In this video, ObjectSecurity founder & CEO Dr. Ulrich Lang explains and showcases the major new release 4.0 of our OpenPMF product.  OpenPMF™ makes security policy manageable through automation. It gives you powerful security policy implementation that is also effortless to manage. It allows you to improve protection, monitoring, testing, and documenting – for your information, [...]

By |December 14th, 2016|

What is Attribute Based Access Control (ABAC)?

Attribute based access control (ABAC) is a different approach to access control in which access rights are granted through the use of policies made up of attributes working together. ABAC uses attributes as the building blocks to define feature-rich access control rules and access requests. An example standard to do ABAC is the eXtensible Access Control Markup Language (XACML). [...]

By |November 25th, 2016|

Access Control in 2016 – What you Need to Know

Access control is one of those topics that often means different things to different people. In its most basic form, it is simply the “restriction of access to a resource.” Unfortunately, as you drill down into what that actually means for your organization, things usually get muddy. For some people, it is simply selectively granting [...]

By |June 27th, 2016|

Re-Examining Identity & Access Management (IAM)

There is a lot security professionals disagree on when it comes to Identity & Access Management (IAM). One thing most would agree on is that IAM means many things to many people, and has been shaped more by vendor product boundaries over the years than by overarching architectures, processes, and governance. The basic term “Identity [...]

By |June 23rd, 2016|

Implementing NIST 800-53 AC with OpenPMF™

NIST Special Publication 800-53 (Rev. 4), "Security and Privacy Controls for Federal Information Systems and Organizations," provides a catalog of security controls for U.S. federal information systems. Its 18 families of controls are used as best practice guidance worldwide. The “Access Control” (AC-1) control family includes 25 controls. Some of these controls require significant technical implementations. ObjectSecurity® OpenPMF™ [...]

By |June 20th, 2016|

Cybersecurity in 2016: Manage Impact!

Today I want to share my thoughts about the recurring discussions we all as security professionals often have about where to focus our efforts. One camp says "continuous monitoring is the new prevention", indicating that they have already failed to protect their information resources, and thus the main focus should be on detecting and remediating [...]

By |May 20th, 2016|

Webinar: Your organization’s “A” in IAM most likely is just not good enough

Community Educational Online Seminar Series on IT Security February 18, 2016, 9-10 AM PDT, 5-6 PM GMT, 6-7 PM CET While identity & access management (IAM) have been around for years, the bulk of the focus was mostly on identity, authentication and account permission provisioning. Often only basic access policy management and enforcement are implemented [...]

By |January 18th, 2016|

Webinar: Access Control in 2016 – What you need to know to stay ahead

Community Educational Online Seminar Series on IT Security January 11 2016, 9-10AM PDT, 5-6PM GMT, 6-7PM CET, Presenter: Dr.Ulrich Lang, CEO Access control implementation is critical but increasingly complex. In this purely educational community webinar, which was also held as a 2-hour seminar at ToorCon 2015, we covered that traditional approaches are often insufficient; new [...]

By |December 15th, 2015|