Basil Security unveils security policy enforcement solution

Basil Security, the Zero Trust Operations company, announced general availability of the world’s first policy-as-code platform that provides stateful security policy enforcement over arbitrary code execution, APIs, and data access. Basil can be used to prevent errors, block insider cyberattacks, and guarantee accountability.

“Preventing errors and insider cyberattacks beats detecting and remediating security problems after the fact,” said Ron Herardian, Basil Security’s CEO. “Multi-party approvals, non-repudiation, and audit time travel set new standards for cybersecurity, and for security and compliance audits. Basil is the next evolutionary step for highly secure environments and enterprises in regulated industries.”

Nearly one-third of all cyberattacks are insider attacks and nearly half of all data breaches are caused by errors or malicious insiders. At the same time, new technologies are needed to meet requirements stemming from regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Security and regulatory challenges are greatly amplified in hybrid cloud and multi-cloud environments.

Traditional identity and access management (IAM) solutions that use role-based access control (RBAC) ensure that the right people have access to the right services. As such, these solutions do not, at a granular level, control code execution, API calls, or data access.

Basil integrates with and extends existing IAM capabilities with next-generation attribute-based access control (ABAC). Using Basil, human-readable security policies are proactively enforced. Basil can control arbitrary code execution, APIs, and data access, and adds multi-party approval, non-repudiation, immutable, unified audit logging, and other new capabilities.

Basil operates at the infrastructure, platform, and application levels across all cloud-based environments. It is ideal for security and regulatory audits, digital forensic investigations and attribution, and DevSecOps—including development and operations (DevOps), and continuous integration and delivery (CI/CD).

Together with ABAC, immutable, unified audit logging provides selective visibility to internal and external auditors, as well as to end users, including the ability to audit prior points in time.

Basil nodes can be deployed in any data center or cloud environment. Pricing is per node.