 OpenPMF helps develop, operate and maintain secure applications. It makes application security proactive, manageable, intuitive, cheaper, and less risky. |
| With OpenPMF, you can manage application security policies for access control and auditing: |
| 1 |
Configure intuitive business security requirements
Security professionals can configure and audit generic application security requirements in OpenPMF, including access and monitoring policies. No need to be an application specialist. |
| 2 |
Generate matching technical security policies automatically
Application developers can implement application specific technical application security at the click of a button. OpenPMF automatically analyzes your software as it is being written or updated, and generates fine-grained access and audit policies. No need to be a security specialist. |
| 3 |
Enforce technical security policies transparently
At runtime, OpenPMF's local protection agents underneath all applications automatically intercept and check all application communications before they are forwarded to the application. |
| 4 |
Audit technical security policies transparently
At runtime, OpenPMF also automatically monitors and collects information about security incidents for auditing purposes. The collected information can be configured through fine-grained audit policies. |
| 5 |
Update technical security policies automatically
OpenPMF agile policy automation uniquely makes policy management and implementation manageable for today’s rapidly evolving interconnected applications (e.g. agile SOA with BPM, agile Cloud infrastructures). |
OpenPMF is proven, award-winning, patent-pending, and standards-based (inc. BPMN, XACML, Syslog, X.509, ECORE/MOF), with deployments including US Navy & Air Force & a European air traffic control project. OpenPMF can be managed local or using our subscription based cloud service (see cloud.openpmf.com) |
| OpenPMF is part of a secure application development lifecycle at development time right from the beginning – dealing with policy abstraction, externalization, authoring, automation, enforcement, monitoring, and verification. OpenPMF security policy automation also forms a critical part of any entitlement management and identity & access management (IAM) strategy. |
| Unlike any other application security policy management product in the market, OpenPMF offers unique automatic policy generation and update from intuitive business security requirements (even for agile SOA, Cloud and virtualization application platforms). OpenPMF also supports more technologies than any other product in the market, including:
|
| Axis2/Tomcat, Weblogic, Glassfish, RTI DDS, Intalio BPMS, Eclipse, XACML, Qedo CCM, MICO & JacORB CORBA, XMLBlaster, Promia Raven, IIOP ObjectWall, Secerno, PostgreSQL, LDAP, X.509, ATLAS |
Using OpenPMF, you will:
| 1 |
Save time and money |
| |
Security professionals focus on security |
| |
Application professionals focus on the application |
| |
Automatically generate & update application security policies |
| 2 |
Adopt security easily & flexibly |
| |
Development tool integration out of the box (Eclipse & Intalio) |
| |
Multiple licensing alternatives and gradual adoption options |
| |
No security expertise required |
| 3 |
Align business & security, improved proactive security & agility |
| |
Removes technology and security silos, and reuses legacy |
| |
Security & development separated, but linked via policy |
| |
Comprehensive, fine-grained security monitoring & auditing |
|
|
|
FAQ/Q&A 
Blog
Newsletter
