With Pomerium integrated, we now have a good handle on how to secure our internal apps and high-value assets if they don't have their own auth capabilities.
Context and identity driven access
Trust flows from identity, device-state, and context, not network location. Every device, user, and application's communication should be authenticated, authorized, and encrypted.
Authorize every request
Unlike a VPN, requests are continuously re-evaluated on a per-request basis. No more red-green zones or complicated network segmentation, just reliable security at every step in your network.
Policy as code
Authorization policy is expressed in a high-level, declarative language that can be used to enforce ABAC, RBAC, or any other governance policy controls. Pomerium can make holistic policy and authorization decisions using external data and request context factors such as user groups, roles, time, day, location and vulnerability status.