Most developers know that writing authorization code is painfully hard. For starters, most existing #AuthZ tools require commitment to either RBAC or ReBAC. That eventually becomes a problem when applications mature and grow in use cases. The code explodes in complexity since developers have to reverse engineer the boundaries of their entire application and then design how, when, and where to enforce them. Pangea is here to solve that problem. Today, we just launched our new AuthZ service on Product Hunt, where developers can add fine-grained relationships and policies in minutes that scale with #compliance needs. Our goal is to help developers ensure that the right users have the right access to the right parts of their app at the right time. To summarize, here is what makes Pangea AuthZ special: → Meet your current needs without blocking you from meeting later needs with a simple path from #RBAC to #ReBAC → Add ABAC policies that record the context of the user, their request, or even the resource they are interacting with (leveraging other Pangea services) → Leverage Pangea’s #AuthN service to provide a high assurance level around the user and their identity → Centrally create, maintain, reuse, and audit your access policies across every app without policy sprawl and drift. Check out the link in the comments for a special offer on Pangea AuthZ. #SecureByDesign #SecDevOps #CyberSecurity
Pangea
Software Development
Palo Alto, California 7,951 followers
Turning the fragmented world of security into a simple set of APIs
About us
Pangea is the first Security Platform as a Service (SPaaS) and delivers a single platform of API-based security services that are easily accessible and simple for any developer to build a secure app experience. We're hiring talented software engineers to build a collection of cloud-agnostic security services. Engineers who are passionate about innovating in the security space and driven to deliver exceptional product experiences for developers are an ideal fit for Pangea.
- Website
-
https://pangea.cloud/
External link for Pangea
- Industry
- Software Development
- Company size
- 11-50 employees
- Headquarters
- Palo Alto, California
- Type
- Privately Held
- Founded
- 2021
- Specialties
- APIs, Cloud, Security, Software Engineering, Microservices, SaaS, Cybersecurity, Secure by Design, Composable Security, HIPAA Compliance, Authentication, Authorization, Secrets Management, PII Redaction, Log Management, and Enterprise Security Solutions
Products
Pangea
Platform as a Service (PaaS) Software
Pangea unites the essential security features you need in a single, comprehensive platform of API-based security services that can quickly and easily be added to any app to create a more secure, compliant application experience. The Pangea platform offers foundational services that every app needs, such as authentication, authorization, audit logging, and secrets management, as well as personally identifiable information redaction, file scan, embargo, and file, user, IP, URL, and domain intelligence functionalities. We help you eliminate the burden of building, scaling and managing complex security code to focus on your app logic while reducing its attack surface. Pangea offers seamless integration with our SDKs and just a few lines of code across JavaScript, Python, Go, Java, .NET, and more.
Locations
-
Primary
636 Ramona St
Palo Alto, California 94301, US
Employees at Pangea
Updates
-
If you have a #Kubernetes cluster (or two or two dozen) you may be surprised by the risks of handling secrets in your workloads. We published a handy article that overviews k8s secrets, the challenges of managing them, and various risks if such secrets were to become unintentionally disclosed. Even further, we dive into the how-to's for mitigating these risks and the different facilities for #k8s. Don't avoid securing your app before it's too late. Learn skills through Pangea’s Education Hub today. Link to article in comments 👇 #CyberSecurity #KubernetesSecrets #SecureByDesign
-
What a night! A large thank you to Semgrep, Leif Dreizler and all those who attended last night's event at Fools Gold #NYC to discuss and learn about all things Secure By Design. If you missed out and want to grow your #CyberSecurity knowledge and learn how to build secure apps, check out our #SecurebyDesign Education Hub: https://lnkd.in/d7DwfAGw Pangea #DevOps #AppSec #InfoSec
-
-
Auth0 by Okta has over 4,000 customers in the US... and all of them are logging user login activity. 👤 If that includes you, there are a couple of reasons why your logs may require some improvement. 👇 For starters, Auth0 log retention is 30 days MAX (with their enterprise plan $$). From our perspective, that is not long enough to meet the compliance requirements most of us are facing (#SOC2, #HIPAA, etc.) Point no.2, nobody wants their logs to be messed with. That's why they need to be tamper-proof and verifiable (aka super secure). If you're still reading, you clearly want a more secure audit logging solution (yay!) Luckily, if you use Auth0 you can also use Pangea Log Streaming via the Auth0 Marketplace. Here's why Pangea audit logging is awesome: 1. Up to 10 years of log retention! (120x what you probably have rn) 2. Keep your Auth0 authentication setup the same because it's that easy to integrate 3. Logs can never be changed or destroyed thx to cryptographic verification & Merkle Trees If this sounds like something you need, check the link in our comments to learn how to set it up in < 5 min (literally) #CyberSecurity #Auth0 #LogStreaming #SecureByDesign
-
Join us in NYC TOMORROW with engineering-minded security professionals for drinks and appetizers. 🍻 Please fill out this form to request admittance. Feel free to invite colleagues, just have them register in advance :) We are looking forward to seeing you there! Hosted by Pangea & Semgrep #SecurityMeetup #SecurebyDesign #SecurityEngineer #SecurityEvent
🍻 🏙 If you are in NYC on July 10th, we invite you to our event for engineering-minded security professionals who are driving the industry forward by adopting secure design principles. Please click on this event link and fill out the form to request admittance. Feel free to invite colleagues, just have them register in advance :) We are looking forward to seeing you there! Hosted by Semgrep and Pangea, featuring Oliver Friedrichs and Leif Dreizler #CyberSecurity #SecurityEngineer #SecureByDesign
This content isn’t available here
Access this content and more in the LinkedIn app
-
Pangea reposted this
Just published - our brand new 2024 Hype Cycle for APIs! - AI, of course, is a big factor this year. AI Gateways are new on the Hype Cycle, both from specialists like Aguru and Portkey, and from established API Gateway vendors like Kong Inc. and IBM. It will be very interesting to see how this particular market plays out. We also include AI used to create APIs, and AI used to consume APIs, on this year's Hype Cycle. - API security is well represented on the Hype Cycle. This year that includes Composable security APIs, including vendors like Pangea and Skyflow, which is climbing up the Hype Cycle - API aggregators, such as Knit and Merge, continue to gain momentum - GraphQL APIs are headed towards the Trough of Disillusionment, where Service Mesh still sits. - Many industry API initiatives now feature on the Hype Cycle, with finance furthest along, then industries like insurance and healthcare, and finally supply chain APIs which are most nascent. Check out the Hype Cycle for APIs here: https://lnkd.in/ejQNTQ3h . And a big thanks to my co-author John Santoro!
-
Pangea reposted this
Most developers didn't get into software development to code audit logging features or authorization schemas, right? Which is why it's great to see composable security on the Gartner Hype Cycle map. Developers already leverage composability across feature domains like communication (e.g. Twilio) and payments (e.g. Stripe)....now it's time to transform the industry approach to security features (e.g. AuthN, AuthZ, secure file sharing, and audit logging, just to name a few). Composable security can accelerate development velocity, reduce tech debt, and give security and GRC teams visibility and configuration ability around an app's core security functionality for risk reduction and compliance.
Just published - our brand new 2024 Hype Cycle for APIs! - AI, of course, is a big factor this year. AI Gateways are new on the Hype Cycle, both from specialists like Aguru and Portkey, and from established API Gateway vendors like Kong Inc. and IBM. It will be very interesting to see how this particular market plays out. We also include AI used to create APIs, and AI used to consume APIs, on this year's Hype Cycle. - API security is well represented on the Hype Cycle. This year that includes Composable security APIs, including vendors like Pangea and Skyflow, which is climbing up the Hype Cycle - API aggregators, such as Knit and Merge, continue to gain momentum - GraphQL APIs are headed towards the Trough of Disillusionment, where Service Mesh still sits. - Many industry API initiatives now feature on the Hype Cycle, with finance furthest along, then industries like insurance and healthcare, and finally supply chain APIs which are most nascent. Check out the Hype Cycle for APIs here: https://lnkd.in/ejQNTQ3h . And a big thanks to my co-author John Santoro!
Hype Cycle for APIs, 2024
gartner.com
-
When was the last time you checked your API keys and DB passwords? 🤔 If you can't remember, it is probably time to change your storage habits. Nobody wants a data breach.... and tokens/credentials/keys are the main source for unauthorized access, manipulation, and API misuse. Luckily, fixing this mess does not have to be painful. Creating a well-defined strategy for storing and managing these items is as easy as 1, 2, 3. We developed a thorough guide to tell you exactly what steps you can take TODAY to make your app more secure TOMORROW (link in the comments. check it out!) #CyberSecurity #SecureByDesign #KeyManagement Pangea
-
Unlock the potential of secure healthcare application development with our cutting-edge solutions that ensure privacy, security, and compliance 🔒 Step into the future of healthcare with us. Click to learn more! 👉 https://hubs.la/Q02sZ6R00 #healthcaresecurity #cybersecurity #healthtech
API-based security for healthcare | Pangea
pangea.cloud
-
Catch us at #kcdc2024 today and tomorrow! 🕺 Meet us at our booth to win a free pangolin stuffy and chat about securing your application in under 5 minutes. Our team members on the ground: Vanessa Villa, Michael Weinberger, John Addison Gamble 👯 #CyberSecurity #DeveloperConference #SecurebyDesign
-