Embed Cerbos Policy directly into your frontend bundle for instant authorization checks - join our alpha!
Help design the future of Cerbos to enable Product and Security teams to manage policy - book a workshop
and finally a chance to win a t-shirt
You are receiving this email because either we have met, chatted, or you’ve visited our websitecerbos.devand asked us to keep you up-to-date. If you have been forwarded this email, you cansubscribeand receive future updates directly from us. If you prefer not to receive these updates, you can unsubscribe below, but we hope you stay!
Help grow the Cerbos community
We would love for you to participate in our survey! It takes less than 5 minutes to complete. Your responses will help us grow the Cerbos community.
Updates to Cerbos
Cerbos v0.22
The latest release of Cerbos, v0.22, includes optimized query plans, improved policy loading and more controls for debugging requests.
The query planner is now smarter and able to produce simpler, optimized plans for some of the commonly seen filter patterns. This, along with additional development and deployment experience improvements, should help you build better database queries for building lists of resources filtered using access control logic, help reduce latency spikes, and so on.
Over the past few weeks we have attended the following two conferences. For those of who were there and stopped by - it was great speaking to you!
API World: Oct 25-27 (San Jose, CA); Nov 1-3 (virtual) Cerbos gave a talk on the “Never ending requirements of authorization”. At the conference, we also received our award Best in API Security!
Web Summit: Nov 1-4 (Lisbon) Cerbos was at the Web Summit in Lisbon and presented at the startup stage. Thanks for stopping by and saying hi!
Blog highlights
What the heck is a principal?
Very simply, "principal" is just a fancy term for a user. For most applications, the terms "user" and "principal" are interchangeable because the application is only ever used by humans. However, Cerbos is not just for authorizing humans; it can also be used to authorize access from other applications, services, bots or anything you can think of. Therefore, we prefer to use the proper computer security term to make that clear.
Cerbos recognised as “Best in API Security” at API World Awards 2022
The API Awards, which celebrate incredible technical innovation, measure a product’s adoption and reception in the API & Microservices industries as well as use and application by the global developer community.
How Cerbos helps Salesroom simplify and scale access control quickly and securely
Salesroom wanted to get permission control right the first time. Chuck Hardy, the Head of Engineering at Salesroom, and David Workman, a Senior Software Engineer chose Cerbos to simplify the implementation and management of user permissions and authorization.
Security, enterprise support and collaboration emerge as major themes during KubeCon NA
With the continued rise of larger businesses relying more and more on open source software, the question of support at large scale naturally has become a core theme within the CNCF and a hot topic at KubeCon. Read the full article here.
Embedded Authorization - Join us in alpha testing!
Cerbos Lite is a version that doesn’t require running a Cerbos Service instance. Policies are compiled into a static bundle that can be included in client apps. This enables on-device authorization checks, consistent authorization, anywhere your application runs. Interested?
Having spoken to many of Cerbos’ users, having a workflow to author and manage policy is a top request - we have been working away on this and are looking for some keen users to test out this new way of using Cerbos.
We want to give you a t-shirt! We also want to talk to you about Cerbos and get your feedback, both what you like and dislike, what are your primary use cases, if you are missing any particular functionality or have suggestions on how you would like us to improve the product.
.png)
 (1).png)
.webp)
