2243

Secure your architecture with externalized authorization

Architect robust and scalable externalized authorization with Cerbos' Policy Decision Point and managed Policy Administration Point, meeting your Zero Trust objectives.

Secure your architecture with externalized authorization

Join hundreds of leading companies using Cerbos

The world's leading crypto finance house serving people, projects, protocols and institutions since 2011.
Utility Warehouse synchronizes authorization across 4,500 services
One of the world's leading automobile manufacturers.
Creating a world where workplaces work better.
4G Capital saves a quarter-million dollars per year with Cerbos
Enabling all healthcare stakeholders to easily share information and work together.
The number 1 company in Italy to buy and sell.
Enhancing and accelerating the software development lifecycle.
The leading European analyst firm in identity and access management.
Modern and digital survey solutions for companies.
NTWRK makes a complex access control system easy to manage with Cerbos
The experts in medical imaging technology.
Making the world a better place to work together.
An early stage tech venture investor.
The collaborative platform to build conversational AI.
Human Managed creates a future-proof ABAC engine with Cerbos
The fastest development platform.
The leading contract creation and collaboration platform.
One of the world's fastest-growing global technology services provider.
9fin modifies product packaging in 10 minutes
Cerbos helps Salesroom save over $1MM worth of developer time
People analytics platform: Fast track to the insights behind your people data.
Advanced malware and phishing analysis.
Leading search intelligence platform for the open web.
Logistics payments without the logistics.
Nook onboards 3x more users by implementing granular roles and permissions
A react-based framework for building internal tools, rapidly.
Debite accelerates compliance certification and ships products faster
Supy offers dynamic role management to their clients with Cerbos
Loop secures air-gapped cash deposit machines with Cerbos
Making the world a better place to work together.
Build and manage residential investment portfolios.
Securely manage application secrets and configurations.
A discussion-first platform without language issues.
Collaborative team design canvas that equips tech leaders to make smarter org design decisions.
The world's leading crypto finance house serving people, projects, protocols and institutions since 2011.
Utility Warehouse synchronizes authorization across 4,500 services
One of the world's leading automobile manufacturers.
Creating a world where workplaces work better.
4G Capital saves a quarter-million dollars per year with Cerbos
Enabling all healthcare stakeholders to easily share information and work together.
The number 1 company in Italy to buy and sell.
Enhancing and accelerating the software development lifecycle.
The leading European analyst firm in identity and access management.
Modern and digital survey solutions for companies.
NTWRK makes a complex access control system easy to manage with Cerbos
The experts in medical imaging technology.
Making the world a better place to work together.
An early stage tech venture investor.
The collaborative platform to build conversational AI.
Human Managed creates a future-proof ABAC engine with Cerbos
The fastest development platform.
The leading contract creation and collaboration platform.
One of the world's fastest-growing global technology services provider.
9fin modifies product packaging in 10 minutes
Cerbos helps Salesroom save over $1MM worth of developer time
People analytics platform: Fast track to the insights behind your people data.
Advanced malware and phishing analysis.
Leading search intelligence platform for the open web.
Logistics payments without the logistics.
Nook onboards 3x more users by implementing granular roles and permissions
A react-based framework for building internal tools, rapidly.
Debite accelerates compliance certification and ships products faster
Supy offers dynamic role management to their clients with Cerbos
Loop secures air-gapped cash deposit machines with Cerbos
Making the world a better place to work together.
Build and manage residential investment portfolios.
Securely manage application secrets and configurations.
A discussion-first platform without language issues.
Collaborative team design canvas that equips tech leaders to make smarter org design decisions.
Cerbos Hub

Externalized authorization for your enterprise applications

Policy based access control

Ensure dynamic and flexible access control with policy-driven decisions. Adapt to changing access needs with ease, define access based on multiple conditions and contexts, and manage policies within your existing governance processes.

PBAC

Decision level audit logs

Achieve transparency, accountability, and compliance with Cerbos' comprehensive audit logging. Feed application decision logs into your existing SIEM tooling for end-to-end visibility. Audit logs in Cerbos Hub capture authorization decisions across all PDP instances in a central, collated feed.

Audit logs

Distributed decisioning, centrally managed

Use Cerbos Hub's unified platform to enable collaborative authoring, iteration, and management of authorization policies by developers and product teams. Maintain consistent, transparent, and adaptable authorization logic across all applications.

Cerbos Hub

Cerbos Hub provides a comprehensive suite of tools that:

  • Integrate seamlessly with your existing tech stack
  • Ensure you're able to demonstrate compliance with HIPAA, GDPR, SOC2, and others
  • And streamline the authorization process across multiple platforms

The Impact of Cerbos

avatar

David, Senior Software Engineer
@ Salesroom

"We can run Cerbos next to our application, and can have as many instances running as we need to. So we can have one dedicated host we're running it on. And so there's much less risk of it going down and taking everything down without us knowing about it all, without being completely out of our control, like the host solution might be."

avatar

Rob, Principal Engineer
@ Utility Warehouse

"One of our favorite features is the audit logs because it allows us to understand what is happening in the black box. We’ve never had that before and we didn’t know we needed it."

avatar

Steve, Staff Engineer
@ NTWRK

"Throwing the entire concern of authorization across to Cerbos really did increase my velocity, which in turn increases velocity downstream from me. It has allowed the team to deliver top-tier user experience and concentrate on faster app iterations."

avatar

Chuck, Head of Engineering
@ Salesroom

"I categorized Cerbos as just one of those things I probably don't have to think about. And that's a very valuable thing to me cause there's a lot of things that take up even a small percentage of our mind space. And if we can just leave it be in the corner and know that we'll be protected. And if something goes wrong, they will do everything in their power to resolve. It gives you that extra bit of confidence."

avatar

Henry, CTO & Co-Founder
@ Nook

"Having the separation of the permissions from the code base just makes the code base more elegant. It makes the permissioning more elegant. It means they're centralized, so they're not tied to specific endpoints. And ultimately it means that different business owners, i.e. Joe, in our case, because he's the only one who's not a developer, have the ability to actually make updates."

Why Cerbos?

shield

Flexible deployment models

Self-hosted, compatible with air-gapped, high security environments. Deploy with serverless functions or a sidecar model.

Deployment
shield

Open source

Cerbos PDP source code is freely available under Apache 2.0 license.

GitHub
shield

Built for scale

Cerbos is containerized, stateless, and scales horizontally to handle increasing demands.

Scalability
shield

Centralized management

Use Cerbos Hub for policy management, collaboration, and streamlined deployment.

Cerbos Hub
shield

Supported authentication providers

Use any identity provider to authenticate your users. Use Cerbos to enforce access controls. Cerbos natively supports JWT for integration with numerous authentication providers, such as: JWT, Auth0, Okta, and others.

Authentication support
shield

Fine-grained access control

Achieve precise control over resource access via RBAC and ABAC policy.

RBAC
ABAC
shield

No lock-in

Maintain full ownership of where policies are stored, and deploy onto any platform.

No lock-in
shield

Thriving community

Join an active community of Cerbos users and connect directly with our engineers.

Slack community

Speak to our solutions team, we'll be happy to assist you in designing a truly zero trust application archicture with externalized authorization.

What our users say about Cerbos

avatar

Rob, Principal Engineer
@ Utility Warehouse

"It's weird to say an outside company has our back, but Cerbos does. It's the people. It's their open-source code: it's high quality, you can read it, it does what it says on the tin"

avatar

Joe, Software Engineer
@ 9fin

"It's a good feeling being able to say yes to almost any permissioning requirement." "Cerbos is small, contained and easy to implement. It 100% delivers on the promise of abstracting away the complexity of decision making."

avatar

David, Senior Software Engineer
@ Salesroom

"We're not worried about scaling because we can easily increase our load on Cerbos. It will also be easy for us to change how we're distributing policies as we reach different points of scale."

avatar

Joe, CEO & Co-Founder
@ Nook

"We went from one user - every role, to a world where there are many users - many roles. And the product, it relies on Cerbos to actually bring the value that we want to bring to customers. All of our customers are relying on Cerbos, by relying on the product, which is of course relying on Cerbos."

avatar

Chuck, Head of Engineering
@ Salesroom

"Instead of thinking of how much time Cerbos has saved us, I think about how much time it didn't cost us. It didn't cost us any time. Cerbos just works. I don't have to think about it. It's as simple as that."

avatar

Steve, Staff Engineer
@ NTWRK

"One of our big considerations was speed. We have strict latency tolerances. When it comes to Cerbos - you can call it a hundred times during a request and it doesn't matter. It's incredibly fast."

avatar

Engin, Head of Product and Growth & Co-Founder
@ Debite

"If it wasn't for Cerbos, one thing is for sure - we would've launched later than we did. As a result, we would have less customers. And the maintenance part is also very important. Our technical team would be dealing with daily stuff regarding access controls, access logs. Now, we don't have to spend any time on that."

avatar

Rounak, Founding Engineer
@ CommandK

"Cerbos policy writing is quite flexible, and deploying as a unit microservice as well. Cerbos "doesn't get in the way" once integrated, that's the best part."

avatar

Romina, Tech Lead
@ Wizeline

"It is easy to implement and provides a solution for a problem that is often not properly addressed."

avatar

Henry, CTO & Co-Founder
@ Nook

"Having the separation of the permissions from the code base just makes the code base more elegant. It makes the permissioning more elegant. It means they're centralized, so they're not tied to specific endpoints. And ultimately it means that different business owners have the ability to actually make updates."

avatar

Rasmus, CTO
@ Firtal

"Just discovered your embedded testing framework. This is probably the best balance between hyperfocused functionality and embedded tooling I've ever seen in an open source project. Damn, good work!"

Most popular resources

laptop

Cerbos Policy Decision Point

Want to run authorization yourself?

laptop

Playground

Prototype policies in your browser right now

laptop

Docs

Check out our API reference and guides

laptop

Slack community

Join our community on Slack and learn

laptop

Success stories

Stories of Cerbos in production

laptop

Speak to an engineer

Book an intro call and learn more