Since our last update, we have been focused on a major evolution of Cerbos and tackling the growing authorization challenges around AI agents and infrastructure.

🚀 We officially launched Cerbos Synapse and explored how Cerbos has evolved to a complete enterprise authorization management platform spanning applications, infrastructure, and AI.

To help teams strengthen their authorization strategy, we published practical guides on governing AI coding agents with policy-based controls, and on the infrastructure side, covered implementing row-level security for Apache Trino and adding authorization to legacy applications with zero code changes. We also broke down how to map business requirements to authorization policy for utilities.

For security and business leaders, we published a guide to implementing zero trust through adaptive access control, examined five authorization blind spots auditors commonly flag in regulated enterprises, and explored why AI agents are turning authorization into a right-now problem rather than something teams can defer.

Customer spotlight: Utility Warehouse

Utility Warehouse secured authorization across 4,500+ internal services with Cerbos, including legacy applications, without rebuilding any of them. They reclaimed months of development time and now have complete visibility into every access decision for compliance.

Product Updates

Cerbos Synapse

Authorization has four distinct problems: getting the right data to the engine, evaluating policy against it, enforcing decisions in applications, and managing policies at scale. With the release of Cerbos Synapse, Cerbos now has a dedicated component for each.

Today, every team that needs authorization ends up building the same data-fetching middleware independently. Synapse eliminates that duplicated effort by gathering identity, resource, and relationship data from your existing systems and delivering complete context to the policy engine, so teams don't have to build that plumbing themselves. 

Swapping an identity provider becomes a configuration change, not a codebase-wide rewrite, and compliance teams get full audit visibility into how data reaches every authorization decision.

Learn about Cerbos Synapse

Helpful Content

[Checklist] The IAM security checklist for 2026

IAM gaps remain one of the most common root causes of breaches, and most teams don't have a clear picture of where they stand. 

This checklist is a practical, priority-ranked assessment of the IAM controls that matter most in 2026, built from what we've learned working with enterprise security teams, industry experts, and leading identity events including Gartner IAM, Identiverse, and EIC.

Upcoming Events

Visit our booth at:

• EIC, Berlin, May 19-23. Stop by the Cerbos candy bar for a chat! Don’t miss the panel “Signals, policies, and identity agency: A smarter identity layer” where Alex Olivier, along with other industry experts, will explore how identity platforms are shifting from static rules to continuous, signal-informed decisioning.

Meet our team members and check out their talks to get valuable insights:

• DevWorld, Amsterdam, May 7-8. Alex Olivier, Cerbos' CPO and Co-Founder, will explore why access control failures increasingly manifest as outages, incidents, and production instability.
• Identiverse, Las Vegas, June 15-18. Alex will join Vatsal Gupta of Apple for the talk "Access reviews are dead. Long live decision governance". Stop by and let us know what you think!
• IIW, Mountain View, CA, April 28-30. Alex will join Atul of CrowdStrike for a demo session of the AuthZEN MCP Profile. Come see it in action.