Daniel Bass

Choosing the right policy agent to handle your authorization is not a simple task - each offers its benefits and has its drawbacks. How to choose? Read here.

Having an authorization layer is a must. But should you build one yourself?

Why and how you should enhance your application's security and compliance with authorization audit logs.

The latest OWASP "Top 10 API Security Risks" report once again lists "Broken Object Level Authorization" as its top 1 vulnerability. What can be done about it?

How (and why) should you implement RBAC with AWS' new Cedar policy engine

AWS' new Cedar policy language is now open-source and live! See how you can make the best use of it with Permit.io

Migrating from Role-based access control (RBAC) to Attribute-based access control (ABAC) can prove quite challenging - here's how you can do it painlessly.

When building an app, good authorization is a must, and planning it ahead is critical. How do you plan effective, secure, and scalable AuthZ? Learn here -

Access Control is a main concern when developing web applications - and the NSA has a lot to say about it, especially the biggest pitfall developers make. 

5 key factors for effective & scalable app authorization: simplicity, flexibility, compliance & more.

How Netflix solved the challenge of authorizing millions of users by using OPA, how you can adopt this solution, and possibly create something even better

Authentication (AuthN) and Authorization (AuthZ) are two critical Identity IAM concepts. Although often confused, they have distinct meanings and functions.