Since our last update, the 🚀 updated Cerbos Hub has been launched to even better enable engineering, security, and IAM teams to manage authorization across any architecture at any scale! A new Cerbos Hub usage dashboard, policy execution trace view for tests, and Playground drag-and-drop support have also been released. Finally, the llms.txt format has been adopted to ensure the Cerbos documentation is as clear and accessible to LLM models as it is to users.

On the open source side, v0.46.0 of Cerbos PDP has been released. 

We published new resources to help teams strengthen their authorization strategy. These include a demo on using Cerbos with the Java Spring Security Framework, a walkthrough of integrating Cerbos with .NET Core Identity, and a guide on deploying Cerbos on AWS Lambda and API Gateway.

Beyond that, we have tackled broader architectural themes. Our latest content analyzes the recent trending of PBAC, sparked by KuppingerCole's coverage of PBAC as an effective approach for enterprise security. We also explored recent changes in the Open Policy Agent ecosystem - Styra shut down and Apple acquired the OPA team, leaving the project's future direction unclear. We presented alternative approaches for those looking to replace OPA.

We have also spoken on several podcasts, sharing our thoughts on the rising complexity of managing NHIs, why runtime contextual access control matters more than ever, and how to tackle these problems in a scalable, stateless, and standards-based way. In another podcast appearance, we unpacked what MCP is, why it's needed, and how it changes the game for identity and authorization in modern applications. 

Additionally, we wanted to highlight a podcast appearance of our user Human Managed, where Je Sum Yip spoke about how their platform was architected around composability, AI-assisted data processing, and fine-grained access control.

Finally, we are happy to share that Cerbos has received the 2025 API award for "Best in microservices infrastructure". Thank you all for the ongoing support!

Product Updates

Cerbos Hub

Cerbos Hub is the centralized control plane for every authorization decision across applications, AI agents, services, and workloads.

With the latest updates, organizations can now manage authorization for every identity in their system with full visibility, consistent policy enforcement, and alignment with a Zero Trust strategy.

This release expands Cerbos Hub's capabilities to address four key enterprise needs:

1. Fine-grained, tenant specific authorization
Enables SaaS companies to let customers define their own roles and rules without hardcoding customizations, with tenant-isolated policy storage and real-time updates within platform defined guardrails.

2. Dynamic policy management at scale
Automates the full lifecycle of authorization policies with programmatic creation, updates, and deployment to save engineering hours and accelerate releases.

3. Scalable non-human identity permission management
Provides centralized, policy-based authorization for microservices, workloads, and AI agents. Implements least privilege by default and maintains unified audit trails for all human and non-human access decisions.

4. Secure authorization for MCP servers
Controls which AI agents can access which Model Context Protocol tools using context-aware policies. Policies are evaluated per agent, per tool, and per session, with full audit context for compliance and debugging.

We're excited to share that secure MCP authorization has generated the most interest from our community so far. We ran a deep-dive webinar on this topic that shows exactly how it works - we'd love for you to check it out if you're curious!

Learn about Cerbos Hub
Get started with Cerbos Hub

Helpful Content

Ebook: How to adopt externalized authorization

Over the years, we have worked with hundreds of engineering, IAM, and security teams to help them adopt externalized authorization. 

This experience shaped our ebook. It gives readers a 10-step roadmap, from foundational planning to authorization phased rollout and long-term governance, to navigate this transformation. It’s packed with practical frameworks and policy examples.

If your team is exploring this path - we hope it gives you clarity, and saves you time.

Upcoming Events

Visit our booth at:

• Identity Week America, Washington DC, September 10-11. Booth 548. Stop by to chat about the future of authorization, and participate in our Lego raffle!

Meet our team members and check out their talks to get valuable insights:

• Alex Olivier, CPO and Co-Founder, will be attending and speaking at ISC2 Security Congress in Nashville, TN, October 28-23. Along with professionals from Apple and Google, Alex will be covering the topic of “Automating IAM for Compliance, Security, and Business Agility”. If you stop by to listen - let us know what you think!
• Alex will also be attending the Gartner IAM Summit in Grapevine, TX, December 8-10. Feel free to say hi and ask any questions you may have about authorization and ZTA.