Securent’s Distributed Externalized Entitlement Platform (DEEP™), part of the company's pioneering Entitlement Management Solution (EMS), is a paradigm shift from traditional, tightly-coupled, and brittle application security systems to a multi-tier, loosely coupled, and standards-based Entitlement Management model. DEEP™ enables Securent to simply and easily integrate with existing identity and access management solutions and heterogeneous application and IT environments. The DEEP™ model consists of the following architecture principles:
Externalized Entitlement
Securent externalizes entitlements away from applications. By taking the entitlements framework design out of the hands of individual application owners, development time and cost are significantly reduced – our customers have seen up to a 5x ROI in the first year alone.
Securent EMS enforces entitlements across all layers of an application, including presentation, business logic, and data layers. Securent's enforcement agents plug into application server security interfaces to control access both to fine-grained front-end resources such as buttons, tabs, and portlets, and to fine-grained back-end resources such as method calls and database queries. Securent also provides features such as caching and pre-fetching of policy decisions to dramatically improve performance and reliability.
Flexible Security Policies with Distributed Rule Resolution
Modern enterprise policies are very rich in their expression and often need to be dynamic, using not only identity information of the end user, but also resource-specific and environmental data. Securent EMS integrates with user repositories such as LDAP and Active Directory as well as application attribute sources such as databases and metadata. Securent EMS has a policy definition model that can apply flexible rules and constraints such as time of day (allow access between 9am and 5pm) or dollar amount (allow trades less than $100,000) as required by the line of business.
The Securent EMS rules engine can be distributed for high availability and performance with native support for XACML, SOAP, and SAML standards.
Centralized Entitlement Administration & Audit
Policies may be evaluated and enforced in a distributed manner but must be managed centrally, with controlled delegation. Securent EMS provides a browser-based, drag-and-drop user interface for administering, reviewing, and auditing policies. The administration console enables security groups to consistently define dynamic role- and rule-based policies per application and across the enterprise. Additionally, compliance teams can centrally audit entitlements, generate real-time reports on “who has access to what”, and remediate audit exceptions instantly.