If you believe decisions should be informed by data, then security decisions should be informed by all the data. Today, most applications are limited to using user identity when making access decisions — which leaves systems blind to the multi-faceted forms of attack vectors being exploited in the threat landscape. It turns out an access control system is only as good as the data used in policy decisions.
For more information on how context enriches access decisions, read our blog post here.
Pomerium Enterprise Console's external data feature allows you to collect data from sources other than your identity provider (IdP) to make context-aware policy decisions. Pomerium provides several data sources as examples, but we encourage you to create (and share with the community) your own integrations to expand your data-driven policies.
See the pages in this section for more information on our example data sources, or learn how to create your own by reviewing our datasource repository.