Never Trust & Always Verify
Enable zero trust core principles like traffic encryption, AuthN, AuthZ, Dynamic Trust and least privilege access.
Authorize all authenticated clients using fine-grained role-based (RBAC) access control.
X.509 Certificate Authentication
Service Identity in the form of short-lived X.509 certificates to all workloads deployed in private or public clouds. Stronger security by mTLS authentication.
Single Source of Truth
Consolidated service serving various downstream security implementations, including support for non-user entities.
Providing RBAC for your needs
Athenz is a set of services and libraries supporting role-based authorization (RBAC) for provisioning and configuration (centralized authorization) use cases as well as serving/runtime (decentralized authorization) use cases to handle on-box enforcement. Learn More
A traditional centralized access control model requires any Athenz enabled application to contact Athenz Management Service directly to determine if a specific authenticated principal has been authorized to carry out the given action on the requested resource. Learn More
For use cases where latency is a concern, Athenz provides a decentralized model where the check to see if a given principal has been authorized to carry out the given action on the requested service is done on the host itself using the Athenz local policy engine library. Learn More