The $0 security stack
As part of our initial SOC2 audit, we wanted to put in place actually useful security tools. Luckily, in 2026, world-class security costs literally nothing.
CEO / Founder
CEO / Founder
As part of our initial SOC2 audit, we wanted to put in place actually useful security tools. Luckily, in 2026, world-class security costs literally nothing.
CEO / Founder
CEO / Founder
The passkey PRF extension lets syncable credentials do much more than login users. See how apps are using this for end-to-end encryption.
CTO / Founder
CTO / Founder
Groups used for access controls can be based on department, reporting chain, or projects. The right answer is whatever maps best to how your org actually works.
CEO / Founder
CEO / Founder
IT teams are overwhelmed with never-ending access requests. Getting off the identity treadmill means getting to fewer tickets over time, not faster tickets.
CEO / Founder
CEO / Founder
We threw Go’s new “testing/synctest” package at a particularly gnarly part of our codebase and were pleasantly surprised by how effective it was.
CTO / Founder
CTO / Founder
Introduction to using Protobuf and Connect for type-safe frontend API calls from the frontend to the backend.
Software Engineer
Software Engineer
The SSO tax shouldn't be about having SSO — it should be about enforcing it. The value of SSO is to centrally manage access and require strong authentication.
CEO / Founder
CEO / Founder
Recent breaches at Okta, Snowflake, and Twitter help us learn how to prevent authentication failures like credential theft, MFA bypass, and session hijacking.
CEO / Founder
CEO / Founder
Security teams underestimate the investment needed for internal tools, and so underinvest in UX. When security tools are painful to use, people bypass security.
CEO / Founder
CEO / Founder
We interviewed IT and security teams to ask them how they actually define, implement, and improve their access control policies. Get the report to learn more.
CEO / Founder
CEO / Founder
Business teams have context for access decisions but lack authority. Delegate to those closest to the resources by defining clear ownership for each app.
CEO / Founder
CEO / Founder
Internal tools built as code come with version control and audit logs for free, but git becomes a barrier for non-engineers to use these tools.
CEO / Founder
CEO / Founder
A role in RBAC should represent what someone actually does in your environment. Your job title makes a bad RBAC role: it's your position, not your function.
CEO / Founder
CEO / Founder
Comms groups map to how people actually work, but often access groups don't. Comms groups always become access groups. It's not a matter of if, but when.
CEO / Founder
CEO / Founder
SQL builders are always one bad logic bug away from full-blown query injection. Oblique uses Go type tricks to prevent this entire class of backend issues.
CTO / Founder
CTO / Founder
Authentication has evolved from simple passwords to federated systems with passwordless logins, continuously balancing security and usability.
CEO / Founder
CEO / Founder
Instead of minting long-lived API keys and warning users “keep this secret,” let's use GitHub Action's OpenID Connect support instead.
CTO / Founder
CTO / Founder
Organizations ask users to fill out justification fields when requesting access, but these are useless explanations. You should already have the context.
CEO / Founder
CEO / Founder
IT teams are scared to remove access they don't understand, leading to sprawling entitlements. Removing unused access isn't risky — never removing access is.
CEO / Founder
CEO / Founder
Identity management is surprisingly hard: access controls change constantly and require context. We founded Oblique to work on impactful security problems.
CEO / Founder
CEO / Founder
Get the latest product news and updates