OpenPMF automates the process of turning human-manageable security requirements into the matching technical security policy implementation and accreditation/compliance evidence. OpenPMF is key to reducing cost, improving security & accreditation/compliance, and supporting security for today's agile, interconnected applications (e.g. SOA/cloud). OpenPMF™ includes a model-driven policy authoring tool, a model-driven rule generation tool, an authorization policy server, and policy decision/enforcement points.
OpenPMF automates security policy management:
With OpenPMF, you can automatemanaging application security policies for access control & auditing: automate the process of turning human-understandable security & compliance requirements
into the matching numerous and ever-changing technical security policy rules and configurations. In addition,
proactively enforce ("whitelisting"), and continuously monitor security the application layer. OpenPMF involves five steps:
OpenPMF is critical for enterprise security:
OpenPMF ("Open Policy Management Framework") makes application security manageable through automation. Its security automation forms a critical part of any authorization management, entitlement management and identity & access management (IAM) strategy. OpenPMF also enables a secure application development lifecycle at development time right from the beginning – dealing with policy abstraction, externalization, authoring, automation, enforcement, audit monitoring & reporting, and verification.
OpenPMF automation is unique in the market:
Unlike any other application security policy management product in the market, OpenPMF offers unique automatic policy generation (whitelists) and update from intuitive business security requirements - including least privilege and workflow policies, which protect from insider attacks.
OpenPMF automates policy management even for agileSOA&Cloud application platforms.