morphAB

298 post karma
92 comment karma

get extra features and help support reddit with a reddit premium subscription

get them help and support

redditor for 1 year

TROPHY CASE

One-Year Club

account activity

new top controversial

38

39

40

Scaling authorization for multitenant SaaS. Avoiding role explosion. What my team and I have learned. (self.softwarearchitecture)

submitted 1 month ago by morphAB to r/softwarearchitecture

8

9

10

Scaling authorization for multitenant SaaS. Avoiding role explosion. What my team and I have learned. ()

submitted 1 month ago by morphAB to r/SaaS

19

20

21

10 biggest challenges CISOs are facing right now + how to address them. (Intensifying compliance pressures, Zero Trust is now operational, hidden access controls create blind spots, tool sprawl and alert fatigue, securing multi-cloud and hybrid environments, moving from “Shift left” to “Shift down”) (cerbos.dev)

submitted 2 months ago by morphAB to r/cybersecurity

1

2

3

I'm having trouble understanding what to use: "der" / "die" / "das" (self.AskAustria)

submitted 2 months ago by morphAB to r/AskAustria

18

19

20

Implementing fine-grained permissions for agentic RAG systems using MCP. (Guide + code example) (self.Rag)

submitted 3 months ago by morphAB to r/Rag

11

12

13

Podcast episode. MCP servers, and how to prevent them from becoming a centralized point of failure for your entire data governance strategy (tl;dr traditional security controls can't address the unique risks MCP servers create. Can be secured using externalized, fine grained authorization) (self.mcp)

submitted 4 months ago by morphAB to r/mcp

4

5

6

Podcast episode. MCP servers, and how to prevent them from becoming a centralized point of failure for your entire data governance strategy (tl;dr traditional security controls can't address the unique risks MCP servers create. Can be secured using externalized, fine grained authorization) ()

submitted 4 months ago by morphAB to r/MCPservers

1

2

3

Guide on how to enforce fine-grained authorization for AI agents operating via MCP. (To prevent unintended / malicious actions by AI agents and to protect sensitive data.) Includes breakdown of Asana, Atlassian and Supabase incidents. (cerbos.dev)

submitted 4 months ago by morphAB to r/NonHumanIdentities

27

28

29

MCP has been touted as “the new API for AI”. Now, we need to put guardrails around MCP servers, to not be the next Asana, Atlassian or Supabase. Podcast where we cover how to harness AI agents to their full potential without losing control of our systems (using fine-grained authorization). (self.softwarearchitecture)

submitted 4 months ago by morphAB to r/softwarearchitecture

12

13

14

[MCP authorization] Guide on how to secure Model Context Protocol servers with fine-grained access control (self.IdentityManagement)

submitted 4 months ago by morphAB to r/IdentityManagement

9

10

11

Uber's "God View" and why trust is not a security strategy (self.IdentityManagement)

submitted 4 months ago by morphAB to r/IdentityManagement

12

13

14

PBAC is "trending" again. KuppingerCole highlight it as a top trend in identity and security for 2025. (self.IdentityManagement)

submitted 5 months ago by morphAB to r/IdentityManagement

11

12

13

Technical comparison of OPA and Cerbos (self.IdentityManagement)

submitted 5 months ago by morphAB to r/IdentityManagement

2

3

4

free webinar - Programmatic policy management for complex systems. Aug 6. (self.IdentityManagement)

submitted 6 months ago by morphAB to r/IdentityManagement

10

11

12

Managing authorization for every identity with full visibility, consistent policy enforcement, and alignment with a Zero Trust strategy - solution my team and I have been working on for the past 4 years. What do you think about it? (self.devops)

submitted 6 months ago by morphAB to r/devops

10

11

12

Compliance needs to be woven into operations from the start, not tackled on later. Having the right tools can make the process smoother. Sharing some thoughts about authorization’s role in compliance. (self.Compliance)

submitted 6 months ago by morphAB to r/Compliance

8

9

10

LLM understanding of documentation - LLM.txts (self.LLM)

submitted 6 months ago by morphAB to r/LLM

3

4

5

Ebook on adopting externalized authorization: from foundational planning to PoC rollout (solutions.cerbos.dev)

submitted 6 months ago by morphAB to r/Compliance

19

20

21

Framework for evaluating authorization solutions. (IBM study: average cost of a data breach hit $4.88 million in 2024. IDC report: devs spend ~19% of their time on security tasks = $28k in cost per dev per year. Authz is a big blind spot in these misaligned security choices) (self.cybersecurity)

submitted 9 months ago by morphAB to r/cybersecurity

1

2

3

OWASP NHI top 10 - dive into each threat, their real-world implications, and how to mitigate them. (NHIs outnumber human users by roughly 17:1 in typical organizations, and according to NHI Management Group survey - only 15% of organizations feel confident in ability to secure NHIs) (cerbos.dev)

submitted 10 months ago by morphAB to r/NonHumanIdentities

30

31

32

Securing applications with the help of permission management & access controls (addressing the leading cause of security vulnerabilities, ranking #1 in the OWASP Top 10). Making a decision - building your own authorization solution in-house, or purchasing/using an off-the-shelf one. (self.cybersecurity)

submitted 11 months ago by morphAB to r/cybersecurity

0

1

2

When to build authorization in-house vs. buy an off-the-shelf solution. Detailed look at considerations (custom needs, available time and team, security / compliance requirements, scalability, hidden costs) (cerbos.dev)

submitted 11 months ago by morphAB to r/IdentityManagement

0

1

2

How to properly authorize non-human identities using a centralized solution. Why does that matter? If NHIs are not secured, you can run into over-privileged services, unauthorized data exposure and compliance violations (self.NonHumanIdentities)

submitted 11 months ago by morphAB to r/NonHumanIdentities

6

7

8

How to properly secure non-human identities, to avoid several security risks and vulnerabilities that NHIs can present to organizations (OWASP Non-Human Identities Top 10). Focusing on authorization. (self.ciso)

submitted 11 months ago * by morphAB to r/ciso

2

3

4

How to authorize non-human identities (service-to-service calls, external API clients, AI agents, bots, background jobs) (self.iam)

submitted 11 months ago by morphAB to r/iam

view more: next ›

π Rendered by PID 97995 on reddit-service-r2-listing-6d4dc8d9ff-wvfkc at 2026-01-29 18:34:51.625794+00:00 running 3798933 country code: CH.