Access control

Home|Access control

Join ObjectSecurity at Cloud Identity Summit 2017

We are pleased to announce that Ulrich Lang, CEO/Founder ObjectSecurity, will take main stage at the Cloud Identity Summit 2017. To talk about Security Policy Automation. Cloud Identity Summit (CIS) converges the brightest minds across the identity and security industry. It is supported by expert speakers sharing best practices and lessons learned from real-world deployments.  [...]

By |June 8th, 2017|

Customers are not aware yet of ICS security risks that IIoT Apps bring

IIoT applications bring many ICS security risks to critical industries like manufacturing, energy, oil and gas, chemical, transportation. As a part of CEO Insights, Dr. Ulrich Lang, Co-founder and CEO of ObjectSecurity, explains what are the most critical cybersecurity risks, how to address them, and also what are the challenges and opportunities in this [...]

By |May 19th, 2017|

What is Security Policy Automation?

Today’s information age would have felt like out of a sci-fi movie to someone 20 years ago. More data has been created in the past two years than in the entire previous history of the human race. 1.7MB of data is created for every human per second. Within 4 years, we will have generated [...]

By |March 30th, 2017|

Re-Examining Identity & Access Management (IAM)

There is a lot security professionals disagree on when it comes to Identity & Access Management (IAM). One thing most would agree on is that IAM means many things to many people, and has been shaped more by vendor product boundaries over the years than by overarching architectures, processes, and governance. The basic term [...]

By |March 23rd, 2017|

ObjectSecurity CEO opinion: Cybersecurity Market Failure

We hit the glass ceiling years ago! Hackers are winning unless we change! This slide deck was presented by ObjectSecurity CEO Dr. Ulrich Lang at ISSA Cornerstones of Trust 2015. The cyber security ecosystem is progressing too slowly; few game-changers find adoption. The “good guys” are operating under severe constraints: End-user organizations often cannot [...]

By |January 31st, 2017|

OpenPMF 4.0 Explainer & Demo Videos

In this video, ObjectSecurity founder & CEO Dr. Ulrich Lang explains and showcases the major new release 4.0 of our OpenPMF product.  OpenPMF™ makes security policy manageable through automation. It gives you powerful security policy implementation that is also effortless to manage. It allows you to improve protection, monitoring, testing, and documenting – for your information, [...]

By |December 14th, 2016|

What is Attribute Based Access Control (ABAC)?

Attribute based access control (ABAC) is a different approach to access control in which access rights are granted through the use of policies made up of attributes working together. ABAC uses attributes as the building blocks to define feature-rich access control rules and access requests. An example standard to do ABAC is the eXtensible Access Control Markup Language (XACML). [...]

By |November 25th, 2016|

Access Control in 2016 – What you Need to Know

Access control is one of those topics that often means different things to different people. In its most basic form, it is simply the “restriction of access to a resource.” Unfortunately, as you drill down into what that actually means for your organization, things usually get muddy. For some people, it is simply selectively granting [...]

By |June 27th, 2016|

Implementing NIST 800-53 AC with OpenPMF™

NIST Special Publication 800-53 (Rev. 4), "Security and Privacy Controls for Federal Information Systems and Organizations," provides a catalog of security controls for U.S. federal information systems. Its 18 families of controls are used as best practice guidance worldwide. The “Access Control” (AC-1) control family includes 25 controls. Some of these controls require significant technical implementations. ObjectSecurity® OpenPMF™ [...]

By |June 20th, 2016|

Cybersecurity in 2016: Manage Impact!

Today I want to share my thoughts about the recurring discussions we all as security professionals often have about where to focus our efforts. One camp says "continuous monitoring is the new prevention", indicating that they have already failed to protect their information resources, and thus the main focus should be on detecting and remediating [...]

By |May 20th, 2016|