We’ve seen all sorts of enterprise operations packaged into as-a-service, managed solutions: from cybersecurity to infrastructure and databases.

Seeing the growing need from organizations for improved fine-grained access authorization management, Aserto Inc. developed its authorization-as-a-service.

“Access control hasn’t really moved forward at all in the last 15 years,” said Omri Gazitt (pictured), co-founder and chief executive officer of Aserto. “So, my co-founder and I, who were both involved in the early beginnings of Azure Active Directory, wanted to go back to that problem. And that problem is even bigger than identity, and it’s far from solved.”

Gazitt spoke with theCUBE industry analysts  John Furrier and Lisa Martin at the recent KubeCon + CloudNativeCon NA 2022, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the usefulness of Aserto’s enterprise-grade, cloud-native authorization solution. (* Disclosure below.)

Access control and security

Enterprise security is on high alert due to the increasingly intricate and commonplace threat of malicious hacks and ransomware attacks. For companies to limit the “blast radius” of the inevitable cyberattack, they must maintain fine-grained access control within their environments, according to Gazitt.

“Misconfigurations are rampant, and over-provisioning is a real problem,” he explained. “If you look at zero-trust and the principle of least privilege, all these applications have these coarse-grained permissions. And so when you have a breach, you want to limit the blast radius of what happened, and you can’t do that unless you have fine-grained access control.”

Innovating further, Aserto recently took the wraps off its cloud-native authorization service called Topaz. Built on top of the Cloud Native Computing Foundation’s OPA decision engine, companies can scale authorization models while keeping benefits such as decision logging and policy-as-code intact.

“We have a policy-based system, OPA-based system, and at the same time, we’ve brought together an embedded directory in Topaz that allows you to answer questions like, ‘does this user have this permission on this object?’ And bringing it all together, and making it open source, is a real game changer from our perspective,” Gazitt stated.

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the KubeCon + CloudNativeCon NA 2022 event:

(* Disclosure: This is an unsponsored editorial segment. However, theCUBE is a paid media partner for KubeCon + CloudNativeCon NA 2022. Sponsors of theCUBE’s event coverage have no editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE