Guest: Asaf Cohen (LinkedIn, Twitter)
Company: Permit.io (Twitter)

The emergence of microservices has made permissions increasingly complex and hard to manage. In this episode of TFiR Let’s Talk recorded at the KubeCon in Detroit, Swapnil Bhartiya sits down with Asaf Cohen, CTO and Co-Founder of Permit.io, to discuss the challenges of managing permissions in microservices and how Permit.io is helping companies simplify permissions with attribute-based access control.

Key highlights of this video interview:

• Cohen’s background is as a software engineer around cryptography, dev tools, and cybersecurity. His role was to make the lives of developers easier by testing the infrastructure and code signals, which led to him co-founding Permit.io.
• It used to be a simple infrastructure, but it changed when microservices emerged. Each of the services needs to enforce access in the same way across the organization.
• Cohen feels that awareness around permission is growing. People understand that authorization is a major challenge and more companies are trying to address this. However, he feels that more education for developers is needed. Cohen discusses the different ways they help customers whether via in-house implementation or just advice.
• Permit.io’s new attribute-based access control enables more complex rules and granularity with the policy. Cohen discusses the sort of conversations they are having with people at the KubeCon.
• Cohen takes us through the key considerations for access control such as infrastructure-level authorization and end-user or application authorization. He explains how Permit.io provides customers with all things needed to implement access control on their own.

The summary of the show is written by Emily Nicholls.