The Edge Strikes Back: Challenging OWASP’s Take on Edge-Level Authorization

The OWASP Microservice Cheat Sheet makes a bold statement about the limitations of edge-level authorization architectures - implying that they cannot handle the complexities of modern microservices. But what if that’s no longer true?

Enter heimdall, an identity-aware proxy that redefines edge-level authentication and authorization. By integrating fine-grained access control with modern Zero Trust principles, heimdall overcomes the supposed weaknesses, providing scalability, flexibility, and performance without sacrificing security and team agility.

In this talk, I will challenge the OWASP Cheat Sheet’s view and demonstrate how heimdall addresses its concerns head-on. You’ll learn how edge-level authorization can scale to meet the demands of large, distributed systems while maintaining granular control over access. Through real-world examples and architecture insights, we’ll explore why the edge-level might just be the most effective place for secure access control.

Join me to see how heimdall blows away the perceived limitations of edge-level authorization and why it’s time to rethink this critical piece of microservice security.

Datum: 29.05.2025
Uhrzeit: 10:30 - 11:15
Konferenz / Veranstaltung: OWASP Global AppSec EU 2025
Ort: Centre de Convencions Internacional de Barcelona (CCIB), Barcelona

The Edge Strikes Back: Challenging OWASP’s Take on Edge-Level Authorization

TAGS