Announcing Sym’s Dynamic Authorization Platform

Jon Bass
October 5, 2023

Today, I'm thrilled to announce the release of Sym's Dynamic Authorization platform. Over the past year, we've taken Sym from a devtool for practitioners thinking about infrastructure access to a governance layer that unlocks automated, context-based authorization across SaaS, internal tools, and infrastructure.

Teams are stuck because we ask them to make access decisions without context. We need to know more than just who somebody works for to understand what they need access to. We also need to know what they are working on. Are they on call? Are they working with a particular customer? Are they a contractor only here for a few weeks? Without context, users often end up with either too little access to get their work done efficiently or more access than they need. Either scenario puts your business at unnecessary risk.

Sym's platform scales context-based authorization by leveraging your company's most valuable security resource: your team. We've beefed up our administrative layer and combined this with deeper integrations and more SDK primitives. Now, centralized security and platform groups can confidently manage authorization flows while leveraging their extended organizations' power to make the right decisions and to iterate on the authorization rules themselves.

I'm excited to share more about our newest product capabilities and how you can use Sym as an internal dynamic access platform.

Where we started

We launched Sym's self-service devtool at the beginning of 2023 for infrastructure engineers who need to solve specific access management pain points. Our goal was to make the easy things easy and the possible things possible. Using symflow generate, engineers can quickly provision a basic access flow in minutes and then use our examples repo for inspiration on how to customize.

What's new

Our early adopters helped us create a fantastic self-service, guided experience to get started implementing access flows. Now, we've complemented our devtool roots with platform enablement features that help teams use Sym at scale:

Web application for centralized access management & audit: Sym's web application allows security & IT teams to view, manage, and report on access requests from one centralized location. The web app simplifies the approval process and provides a single source of truth for org-wide access – paving the way for straightforward access controls and fast audits.

Intelligent, context-based access controls: Sym's laser focus on context-driven access decisions shows through in their latest SDK features.

  • Historical context allows you to use historical event data to inform runtime decisions, making your access decisions faster and more intelligent.
  • Dynamic targets for AWS SSO - Sym's deep AWS IAM Identity Center Integration means that implementers can configure temporary access flows per organizational unit, minimizing maintenance overhead for teams with dynamic AWS account provisioning.
  • Read more about backup approvers, reason for approve/deny, and our other advanced Slack features in our changelog

Deep security partnerships & integrations: Over the last few months, Sym has built strong relationships with AWS, Hashicorp, Vanta, and Datadog. A few of Sym's recent integrations include:

  • AWS - Sym is now available via the AWS Marketplace, simplifying purchasing flow and complementing our existing AWS IAM Identity Center and AWS Kinesis integrations.
  • Datadog - Our native Datadog integration includes built-in facets, attribute mappings, and an out-of-the-box dashboard to simplify reporting and analysis with Sym administrators.
  • Jira - Integrate business context from Jira into flows, automating your access management ticket queue.
  • Hashicorp Boundary - Add context-based temporary access to remote hosts and infrastructure endpoints that you manage with HCP Boundary.
  • Vanta - Automate the entitlements review process by syncing Sym users to Vanta. 
  • KnowBe4 - check user training enrollments, pass/fail status, and group membership. Use this information to route requests and grant or deny access dynamically.

What's next?

Teams need a dynamic authorization layer that is as pluggable as possible. We will continue extending Sym's building-block nature with support for new user interaction channels (email, SMS, MS Teams), robust self-hosting support, and (always) more integrations. And, of course, we will continue to learn and collaborate with our amazing customers!

Recommended Posts