Redwood City, CA, USA
Jan 25, 2023   |  By Chris Hendrix
The microservice architecture involves breaking the application into small interconnected services, each performing a specific task. This breakdown enables developers to work on individual services without affecting the rest of the application, leading to more agility and easier scaling. These services communicate through APIs and, as the number of services within an application increases, developers may introduce a microservice service mesh to control all the service-to-service communication.
Jan 24, 2023   |  By Adam Sandor
OPA Gatekeeper is the most popular solution for enforcing admission control policies on Kubernetes clusters. It was designed for policy management on a single cluster. Styra DAS (built by the creators of OPA) aims to provide the next step for enterprise companies with centralized policy management over tens or hundreds of clusters and policy use cases beyond Kubernetes. In this post, we explain how Styra DAS differs from OPA Gatekeeper and how our enterprise focus led to different design decisions.
Jan 18, 2023   |  By Paul Foryt
Styra is today introducing a better way for platform engineering teams to empower hundreds or thousands of developers and accelerate their infrastructure deployments, including the broadest policy library and infrastructure authorization toolset for Kubernetes, Terraform and CloudFormation.
Dec 19, 2022   |  By Will Seaton
Policy-based access management (PBAM) uses decoupled policy as code and a policy engine to provide real-time authorization decisions throughout the cloud-native ecosystem. This article presents an overview of policy-based access management, its benefits and implementation methods.
Dec 15, 2022   |  By Will Seaton
As AuthZ Becomes Mainstream, Policy as Code, Infrastructure as Code and Software Supply Chain Security Will Merge It’s the holiday season, which means it’s time for the greatest gift of all: next year’s predictions. Last year, we predicted that in 2022 security teams will embrace cloud-native tools to automate manual checks, that enterprises will increasingly shift on-prem resources into the cloud and that we’d see the emergence of a clear authorization market.
Dec 14, 2022   |  By Will Seaton
Enterprises cannot implement Zero Trust cybersecurity without real-time dynamic authorization and authentication for every access request. The principles of Zero Trust and Identity and Access Management (IAM) best practices help fill the gaps that traditional cybersecurity systems often create and ignore.
Dec 13, 2022   |  By Anders Eknert
Identity and access management (IAM) is an integral part of security systems. Without proper authentication and authorization, it would be impossible to practice cybersecurity principles such as zero trust and least privilege. By now, most organizations have a firm grasp on the identity part of IAM, including concepts like multi-factor and token-based authentication.
Dec 8, 2022   |  By Jeff Broberg
Traditional or static authorization methods no longer meet the demands of today’s digital business environment. Data breaches are on the rise (a 23% increase in 2021, as per the Identity Theft Resource Center), forcing organizations to re-evaluate their security and compliance practices.
Dec 7, 2022   |  By Sean Roth
Setting employee controls for IT to manage is the biggest challenge to cloud-native expansion, according to 64% of the developers surveyed in our 2022 Cloud-Native Alignment report.
Dec 6, 2022   |  By Danny Baier
The Open Policy Agent (OPA) is a policy engine that brings the speed, reliability and flexibility of decoupled policy as code to a wide range of authorization use cases across the cloud-native ecosystem. OPA is a Cloud Native Computing Foundation (CNCF) graduated project and has become an industry-wide standard for authorization, with several leading enterprises implementing it in their business-critical cloud systems.
Jan 25, 2023   |  By Styra
In this video, Styra Solutions Architect Ádám Sándor shares how teams can use OPA and Styra DAS to manage the deprecation of Kubernetes PodSecurityPolicy (PSP) in Kubernetes v1.25. Not only can OPA can work in tandem with the new Pod Security Admission, but dedicated PSP Policy Packs with Styra DAS can help automate many of these necessary changes.
Jan 25, 2023   |  By Styra
Security teams must constantly scan infrastructure for policy violations. HashiCorp’s Terraform Cloud, and Styra DAS, an OPA-based authorization management platform, work together to keep infrastructure compliant by mandating verification of Terraform configurations at provisioning.
Dec 13, 2022   |  By Styra
Ed Paget, Decision Platform at Chime
Dec 13, 2022   |  By Styra
Ian Rudie, Principle Engineer at T-Mobile
Nov 18, 2022   |  By Styra
James Chacon, Principal Engineer Learn how Snowflake developed SansShell, an open source tool, to help them audit actions done on a machine, and why they turned to OPA as their authorization mechanism. This session will also cover how the team worked through policy challenges as they scaled.
Nov 18, 2022   |  By Styra
Tim Hinrichs, CTO, Styra, & Co-founder, OPA Learn about some of the most popular design patterns for cloud native authorization and OPA, covering the types of policies, architectures, and data dependencies for each. Also hear about how data volume, dynamicity and consistency can effectively exert gravitational pull to influence your authorization architecture.
Nov 8, 2022   |  By Styra
Torin Sandall, VP of Open Source at Styra and co-founder of Open Policy agent answers core questions regarding best practices for turnkey SaaS authorization with a Styra Run demo.
Jul 25, 2022   |  By Styra
Dec 17, 2021   |  By Styra
Learn how to tightly control traffic flow to, from and between microservices with Styra Declarative Authorization Service (DAS) & Kong Mesh. When it comes to the digital transformation journey, teams are often faced with distributed software architectures in order to accelerate innovation and reduce costs. With Styra Declarative Authorization Service (DAS) now integrated with Kong Mesh, teams have the collaboration tools and visibility required to manage service mesh traffic via Open Policy Agent (OPA) at a global scale.
Mar 2, 2020   |  By Styra
Styra Declarative Authorization Service

Styra is the fastest and easiest way to put guardrails around your Kubernetes clusters--whether you’re a developer, an admin, or a bit of both.

Built on open-source, and declarative by design, Styra’s simple graphical library of customizable policies lets you easily mitigate risks, reduce human error, and accelerate development.

Security-as-code for Kubernetes:

  • Declarative by design: Manually “doing security” in today’s cloud-native environments is like a never-ending game of whack-a-mole. Styra works with Kubernetes to define, enforce, and monitor desired state, and eliminate the runtime guessing game.
  • Dynamic rules for dynamic environments: Simply put, Styra takes in business context, and outputs security decisions across your namespaces and clusters. Build policy-as-code directly via CLI, or with a simple point-and-click editor, and validate security before committing.
  • Portable, powerful policy: Styra allows you to define policy once, then enforce wherever necessary. No more best-effort security, no more policy silos. Built on the Open Policy Agent (the leading open source policy engine), enforcement is accurate, fast, and simple.

Policy-as-code guardrails to eliminate operational, security, and compliance risk