[8] To solve various challenges around implementing secure distributed systems, ObjectSecurity released OpenPMF version 1,[9] at that time one of the first Attribute Based Access Control (ABAC) products in the market.

Thanks to the support of several EU funded research projects, ObjectSecurity found that a central ABAC approach alone was not a manageable way to implement security policies.

[14][15] OpenPMF version 3 was released in 2010, supporting advanced policies, Eclipse, cloud, BPMN,[16] SOA, XACML, pub-sub/DDS, and numerous additional enforcement points.

[19] In recent years, ObjectSecurity has extended OpenPMF to support automatic system detection, automated formal testing,[20] virtual reality support, API server etc., enabling security policy automation without the need to install local agents, and allowing the use of model-driven security without the need for a model-driven development.

In 2019, ObjectSecurity released an alpha version of a U.S. United States Navy SBIR funded[25] VAPT automation tools,[26] which automatically analyze both IP systems/networks and embedded devices (via non-IP ports) for software vulnerabilities.