FAQs

Home|FAQs|

What are the benefits of using OpenPMF?

Save time and money: Security professionals focus on security without the need to be application experts. Application professionals focus on the application without the need to be security experts. OpenPMF automatically generates & updates application security policies for them. Security & development are separated, but linked via OpenPMF’s policy automation. Adopt security easily & flexibly: [...]

By |December 8th, 2016|

How does OpenPMF support application agility and Service Oriented Architecture (SOA)?

SOA is often designed with dynamic change (agility) and reuse in mind. SOA is also often built using web applications. OpenPMF can automate policy generation, enforcement, and update for such application landscapes in such a way that technical security enforcement rules can be automatically updated whenever the interactions between web applications change. Without OpenPMF, security [...]

By |December 8th, 2016|

What kinds of policies can I define, enforce, and monitor with OpenPMF?

OpenPMF policies can either be default security policy model templates, or tailor-made security policy models . Default policy model templates includes policies such as “only allow the interactions the application developer has programmed; deny and log everything else”, or “only allow access to SOA services based on the sequence of the BPM workflow used to [...]

By |December 8th, 2016|

What can I exactly do with OpenPMF?

Configure intuitive business security requirements Generate matching technical security policies automatically Enforce technical security policies transparently Audit technical security policies transparently Update technical security policies automatically

By |December 8th, 2016|

Does OpenPMF do whitelisting or blacklisting?

OpenPMF is a whitelisting technology, i.e. it explicitly allows good accesses and denies everything else. This approach is more reliable than blacklisting, which explicitly blocks known bad accesses but allows everything else. Using conventional methods, whitelisting is hard because many rules have to be manually written – OpenPMF solves that challenge with its unique policy [...]

By |December 8th, 2016|