Styra

Redwood City, CA, USA
2016
  |  By Eric Kao
Gartner projects that by 2026, 80% of software engineering organizations will have established platform engineering teams. The vision of platform engineering is ambitious: to empower developers with all the flexibility they need while minimizing complexity. This approach has already transformed infrastructure, deployment, data analytics, encryption management, authentication, and more.
Let’s go straight to the TL;DR: we have just released a new Rego extension for the popular Zed editor! Providing both syntax highlighting and all the language server features of Regal that were previously available for editors like VS Code, or Neovim. The extension is available from the Zed extensions view, and you’ll find it by searching for “Rego”.
  |  By Nicholaos Mouzourakis
Filling in some blanks on large scale policy testing with Gusto‘s Nicholaos Mouzourakis.
  |  By Tim Hinrichs
Rego, the policy language of the Open Policy Agent (OPA), is known for its flexibility and power in policy enforcement across various systems. Its declarative syntax and data-centric approach make it versatile for application authorization, infrastructure as code (IaC) authorization, and network policies. To fully appreciate OPA/Rego’s capabilities, it’s helpful to compare it with other policy languages and frameworks like AWS’s Cedar and Google’s Zanzibar.
  |  By Anders Eknert and Peter Macdonald
The huge ecosystem of integrations has over time become a true differentiator for Open Policy Agent (OPA), and an embodiment of the project’s promise to provide policy across the “whole cloud native stack”. Integrating OPA into a new tech stack also tends to be a rewarding experience for developers, which might help explain why so many integrations have been provided by external contributors over the years.
  |  By Tim Hinrichs
Among other things, the OWASP organization delivers reports on the Top 10 most prevalent and important security risks for web-based software development. In 2019 they started reporting on the Top 10 API Security risks and refreshed that list in 2023. In this blog we describe how OPA/Styra can help with 9 of the 10 risks, and for each one we rate how impactful OPA/Styra is: Below we detail each of these 10 risks and briefly how to address them with OPA and Styra.
  |  By Charlie Egan
Relationship-based Access Control (ReBAC) is a common requirement when applying Policy as Code controls in modern applications. Consider sharing a document with a collaborator in a different organization. As the collaborator is in another organization, it might be hard to grant them a pre-defined internal role without granting more permissions than needed – if indeed an external identity can be bound to an internal role at all. This is where ReBAC comes in.
  |  By Eric Kao
The microservices architecture is a software development strategy in which applications are broken down into smaller components called microservices. Each microservice is responsible for a specific task or business function and communicates with other microservices through application programming interfaces (APIs). Effectively managing a microservices application requires monitoring, much like any other IT infrastructure.
  |  By Eric Kao
The accidental sharing of cloud access is an all-too-familiar story. In one latest incident, Microsoft’s AI research team accidentally exposed to the public 38 Terabytes of private data including internal messages, private keys, and passwords, according to a recent report . And all it took to cause this gigantic exposure was a few errant clicks in a configuration menu.
  |  By Anders Eknert
One of the most common questions people new to Open Policy Agent (OPA) and Rego ask is about how to express logical “OR” in the language. While there is no “OR” operator, Rego has no shortage of ways to express that, with some being more obvious than others. In this blog, we’ll take a look at the most common ways to express OR, and weigh the virtues of each method against the others. Hopefully you’ll learn a few tricks along the way.
  |  By Styra
The video discusses how policy as code creates more flexible, adaptable access control compared to the rigidity of RBAC. John Brothers from PACLabs joins Styra to share how to analyze roles and scopes, choose attributes, write policies, and roll out a successful migration.
  |  By Styra
Our DevRel guru Anders Eknert, and our eminent VP of Marketing, William Chia, talk about two new features in the OPA extension for VS Code — tooltips and inlay hints for built-in functions. Both provided by Styra's linter and language server for Rego, Regal.
  |  By Styra
Automatically uploaded from Zoom recording. Meeting ID:332405601.
  |  By Styra
Styra Load supports the Kafka API, which makes it possible to stream data updates to Styra Load. This can be useful when events representing changes to data used in policy evaluation are available on a Kafka topic. Here, Adam Sandor explains how you can use Kafta streaming data to make real-time policy decisions.
  |  By Styra
Styra Load allows you to assess the impact of policies against your current production resources. Here, Adam Sandor shows you how to use Live Impact Analysis to full effect — helping you to enforce robust policy without impacting production.
  |  By Styra
Styra Solutions Architect Ádám Sándor Sandor shares how to use Styra Link to enforce Kubernetes admissions control policies using a Git-based workflow with VS Code or your CLI.
  |  By Styra
Styra Developer Advocate Peter O'Neil shares how to download and install Styra Load, as well as how to hot swap Styra Load for an OPA instance.
  |  By Styra
Styra Developer Advocates Peter O'Neil and Charlie Egan share how to run performance benchmarks with Styra Load against standard OPA deployments. You will need access to a Styra Load license key to perform the local benchmarks.
  |  By Styra
Styra Declarative Authorization Service

Styra is the fastest and easiest way to put guardrails around your Kubernetes clusters--whether you’re a developer, an admin, or a bit of both.

Built on open-source, and declarative by design, Styra’s simple graphical library of customizable policies lets you easily mitigate risks, reduce human error, and accelerate development.

Security-as-code for Kubernetes:

  • Declarative by design: Manually “doing security” in today’s cloud-native environments is like a never-ending game of whack-a-mole. Styra works with Kubernetes to define, enforce, and monitor desired state, and eliminate the runtime guessing game.
  • Dynamic rules for dynamic environments: Simply put, Styra takes in business context, and outputs security decisions across your namespaces and clusters. Build policy-as-code directly via CLI, or with a simple point-and-click editor, and validate security before committing.
  • Portable, powerful policy: Styra allows you to define policy once, then enforce wherever necessary. No more best-effort security, no more policy silos. Built on the Open Policy Agent (the leading open source policy engine), enforcement is accurate, fast, and simple.

Policy-as-code guardrails to eliminate operational, security, and compliance risk