Only access management platform that fixes broken access control and other top OWASP security challenges – helps businesses implement least-privilege access across hybrid multi-cloud infrastructures
Santa Clara, Calif. — July 13, 2022 — Datawiza, the first company to offer a no-code platform for implementing authentication and authorization for applications and APIs, today announced it has added support for Kubernetes and other new features. The additions increase the flexibility of the platform to quickly address some of today’s most difficult access management challenges, including single sign-on (SSO), multi-factor authentication (MFA), social logins and conditional access control. Datawiza is the only cloud-based Access Management as a Service (AMaaS) platform enabling businesses to fix broken access control and other top security challenges identified by the Web Application Security Project (OWASP).
The latest OWASP ranking, a consensus-driven list of the most critical security risks to web applications, now names broken access control as the number one risk. Access control, including authentication and authorization, is the essential governance capability enabling businesses to set the right access policies, limiting who can access sensitive information, such as personally identifiable information (PII) and protected health information (PHI). Access control failures and the inability to enforce access policies can lead to data breaches, regulatory fines and reputational damage.
“OWASP’s elevation of broken access control to the top security challenge for web applications reflects a critical disconnect in the security industry,” said Dr. Canming Jiang, Co-Founder and CEO of Datawiza. “Modern identity management platforms like Azure AD and Okta are great authentication solutions, but they require security expertise when using SDKs and APIs to integrate apps with them, so any incorrect handling by inexperienced developers can lead to broken access control. Further, relying on in-house developers or a consulting company like Accenture or KPMG to perform the integrations can take months or even years to complete. The industry needs no-code solutions built by security experts that can prevent broken access control, accelerate time-to-market and free up developers.”
The access control challenge
Companies committed to establishing Zero Trust for applications and APIs across their hybrid infrastructures must add the comprehensive access control capabilities missing from today’s identity platforms. In addition, for SaaS vendors, comprehensive access control and the ability to provide SSO across their customer base, no matter which identity platform they use, must now be part of their minimum viable product (MVP)
Many companies mistakenly believe that adding and maintaining these capabilities is a simple task for their development teams. Instead, these companies end up committing significant time and money to their DIY effort, leading to long delays in time-to-value and ongoing distraction for their development teams. Further, developers often lack the required security expertise to ensure a Zero Trust environment, so they often inadvertently allow vulnerabilities into their code.
Datawiza: Access Management as a Service
Datawiza, the industry’s first cloud-native Access Management as a Service (AMaaS) platform, helps businesses accelerate their journey to a Zero Trust architecture for applications and APIs. Datawiza provides a no-code solution for integrating internal homegrown apps (written in any programming language), legacy business apps (like Oracle ERP and CRM), open source tools and customer-facing apps with IDaaS platforms such as Azure AD, Okta, Auth0, Google and Amazon Cognito. Implemented in a matter of hours or days, Datawiza offers the fastest time to market for securing and centralizing access to your applications, adding fine-grained access controls to any identity management platform, and providing SSO/MFA across hybrid multi-cloud environments.
New & upcoming features of Datawiza
- New – Support for Kubernetes, making Datawiza applicable to more use cases
- New – Support for claim value mapping to make it easier to manage roles in an identity solution and maintain separate roles for different applications
- New – Support for claim/attribute key mapping to enable better management of out-sourced and third-party applications
Datawiza continues to define Access Management as a Service and deliver access management, sign-on and security innovations for businesses. Future features will add SSO support for popular open source tools, like CVAT, SuperSet, AirFlow. Stay tuned for more details in the near future.
- Read Re-think your SSO strategy or get left in the Stone Age
- Read Why Access Management as a Service (AMaaS), Why Now
- Read Should You Build or Buy B2B SaaS SSO?
- Schedule a demo
- Join the community
The cloud-delivered Datawiza Platform offers Access Management as a Service (AMaaS) to secure applications and APIs based on the Zero Trust architecture, providing consolidated and continuous risk and trust assessment. Unlike other access management products (e.g., legacy web access managers) that are complex and siloed in hybrid environments, Datawiza’s no-code platform offers large enterprises and SMBs a comprehensive, centralized and easy-to-deploy solution that allows every company to simplify access management, save time and increase security. Datawiza was founded in 2018 by security expert Dr. Canming Jiang, a veteran of Shape Security, now part of F5, and cloud expert Cunhao (Alex) Gao, a veteran of Google and Amazon. For more information, visit https://datawiza.com.