Open source platform for X.509 certificate-based service authentication and fine-grained access control in dynamic infrastructures
Never Trust &
Enables zero trust core principles like traffic encryption, AuthN, AuthZ, Dynamic Trust and least privilege access
Authorize all authenticated clients using fine-grained role-based (RBAC) access control
How to enable Zero Trust core principles like traffic encryption and authentication among all workloads in a hybrid environment?
Athenz issues service identities in the form of short-lived X.509 certificates to all workloads deployed in private or public clouds, enabling secure communication among all workloads with mTLS.
How do we provide credentials to container workloads so they can prove their identity, authenticate with the Kubernetes API, establish mTLS with services, and define role-based access control (RBAC)?
An identity provider mechanism lets workloads exchange Kubernetes container credentials, such as pod-bound service account tokens, for Athenz service identity certificates. It relies on a callback mechanism that allows a Kubernetes pod-aware identity service to authenticate those credentials.
How to deploy a centralized authorization store and deploy a consistent authorization solution based on industry standard OAuth2 access tokens without implementing the logic in each application?
Athenz Token Service issues industry standard mTLS-bound OAuth2 access tokens that application services can use to both authenticate (X.509 identity certificates) and authorize requests based on policies defined in the Athenz Management System.
How to securely access AWS services from on-prem data centers without using static credentials defined in AWS IAM?
Services running in on-prem data centers can use their Athenz-issued X.509 identity certificates to request AWS temporary credentials from Athenz Token Service running in AWS.
Director of Open Source
"Athenz has helped secure our workloads in an extremely scalable manner."
Sr. Director, Software Dev Engineering
"Athenz enriches Kubernetes workload security at Yahoo/Verizon Media with fine-grain Role-based access control (RBAC) and service authentication. Athenz's rich set of APIs integrates seamlessly with any Container-as-a-Service Platform."
Chris Tatsuya Yano
"Since Athenz is secure and extensible, Yahoo! Japan is using Athenz on large scale workloads and contributing to the product."