Identity security and management is a critical need for enterprises with the cloud-native space. While there’s plenty of solutions on the market, Aserto Inc. is helping to solve a unique problem with its authorization-as-a-service model.

“[Larger cloud vendors] entirely focus on one part: the “i” part, the identity part of the problem,” said Omri Gazitt (pictured), co-founder and chief executive officer of Aserto. “They completely ignore the access management part, and you could argue that is a larger problem and it is far from solved.”

Gazitt spoke with theCUBE industry analyst Keith Townsend at the recent KubeCon + CloudNativeCon Europe event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed how Aserto is helping the access management part of identity within cloud-native. (* Disclosure below.)

Going beyond identity authentication

Identity authentication is all about proving that someone is who they say they are through a password or something biometric, according to Gazitt. Aserto picks up where that immediate authentication leaves off.

“Once you know who you are, once you’ve proven to a system that you are Keith … what can Keith do?” Gazitt said. “What roles, what permissions, what operations can Keith perform on what resources? That’s a harder problem, and that’s the problem that we focus on.”

What Aserto is trying to do is bring an enterprise domain-specific resources, according to Gazitt. An application builder has things they need access to, while someone doing storage arrays or networks might need access to different things.

“You have higher level constructs. So we basically allow you to create this fine-grained access control, but for your own objects,” he stated.

The boundaries can extend both to a private and public cloud, because Aserto’s technology lives inside of the application itself. It’s also able to manage machine identities, as well as human identities.

“So the application calls us, we give you a sidecar, you deploy it right next to your application,” Gazitt said. “It gives you … sub-millisecond response time, a 100% availability. All the authorization decisions are done with full context about who the user is and what resource they’re trying to access.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the KubeCon + CloudNativeCon Europe event:

(* Disclosure: TheCUBE is a paid media partner for the KubeCon + CloudNativeCon Europe event. Red Hat Inc., the main sponsor for theCUBE’s event coverage, the Cloud Native Computing Foundation, and other sponsors do not have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE