How better authorization drives business value for software companies

Published by Heidi Hokanson on October 10, 2024

Cerbos first launched as an open-source product in 2021 to help engineering teams offload an essential but boring and complicated task. We help engineers spend more time building features instead of authorization. And we help organizations avoid wasting engineering labor and the costs associated with it. Over time, the feedback we received from our users validated our assumed purpose.

But in the past year, especially after releasing Cerbos Hub in Beta and now General Availability, we’ve spoken with an increasing number of CTOs and product leaders who see authorization from a different perspective.

As it turns out, authorization is not just an essential security feature. It's also a user experience feature. When you implement fine-grained access control, you can slice and dice product features and resources for a wider variety of user types in your application. You get better internal workflows and less risk of user error leading to breaches. And the result is often a product that has a better user experience and better customer adoption, and that is more responsive to customer needs.

Here are a few examples of Cerbos clients whose implementations led directly to improvements in business performance.

Authorization and customer satisfaction

Supy - Improved customer satisfaction from self-service RBAC customization

Supy is a back-of-house restaurant management application. They help companies optimize the cost efficiency of their restaurants.

Restaurant management is very diverse. Every company has a different way of organizing their workflows in their branches. A one-size-fits-all RBAC (role-based access control) approach to authorization was not working. 30% of their customers were asking for custom roles and permissions, and Supy’s engineering team was customizing the authorization logic for each individual account on demand.

Supy implemented Cerbos in the front end and back end of their application and gave their customers the ability to build their own RBAC rules. They delighted their customers and attracted new clients seeking customizable solutions.

“Offering dynamic roles and permissions makes us more competitive in the market. We can offer companies a software that fits into their workflows, rather than forcing them to change.” - Ibrahim Bou Ncoula, Supy’s CTO.


Authorization and user adoption

Nook - 3x more customers onboarded by increasing the number of user roles

Nook is a business finance application that streamlines invoicing, approvals, and payouts for accounts payable and accounts receivable. Similar applications in the market are meant to be exclusively used and managed by an accounting team. Nook differentiated themselves by creating roles and permissions in their application for all internal and external actors in the payables and receivables workflow.

This way, accounting teams keep sensitive financial information safe in one system. They do not send documents through outside channels. An external contractor can be given access to view and approve a specific document, without exposing any other resources to that person or allowing any additional actions.

As a result of this capability, Nook estimates that they have 3x as many users per account as the industry norm.

“For every client we have, we're able to have 2x, 3x, the number of users for that client on Nook than we could without the roles and permissions that we have.” - Joe Lines, CEO of Nook


Authorization and product packaging

Human Managed and 9fin: Infinitely flexible product packaging

Human Managed and 9fin are both data intelligence platforms processing large volumes of sensitive data. Human Managed delivers internal business intelligence and action steps to inform operational improvements. 9fin provides real-time data on the tradeable debt market.

Both companies offer a range of products meant for different business types and use cases. And both sometimes have clients whose needs require a non-standard suite of products and features. With Cerbos implemented for backend API authorization, customizing access to products and data sources for each of their clients is as easy as flipping a switch.

Karen Kim, CEO of Human Managed, gives an example of how they implemented ABAC (attribute-based access control) in their product:

“Show intel card A, decision recommendation type B, for use case C to operators and analysts from customer D's department E who access our app F through authorized laptops between 9–10am only. Human Managed can apply unlimited conditions, attributes, and parameters at any granularity level as simple configurations without writing any code. It allows us to deliver truly personalized services quickly, securely & at scale.” - Karen Kim, CEO of Human Managed


Cerbos Hub is now generally available, and you can sign up for free. If you find that authorization had an unexpected impact on your business, we would love to hear about it! Keep in touch with us by joining our Slack community or booking a call with us any time.
