Since our last update, we have released the v2.0 Cerbos Prisma integration, enabling more powerful fine-grained authorization for our users, and have added SPIFFE identity parsing to Cerbos PDP.
Lastly, we’ve written a blog on the top open source tools that could be valuable for software architects, and reflected on our experience at the Gartner IAM Summit.
Authorize based on SPIFFE identities using Cerbos PDP
Cerbos PDP now supports native parsing of SPIFFE identities in authorization policies. This unlocks precise access control for authorizing calls based on non-human identities using the framework be it services, workloads, or any other compute job.
This feature introduces a set of Cerbos-specific extensions to the Common Expression Language (CEL) used in policy conditions which understand the structure of a SPIFFE ID such as trust domains, path components, or target the full identity string.
V2.0 Cerbos Prisma integration
With our latest update to the reference Prisma Query Plan Adapter, we’ve significantly expanded its capabilities, making it even easier to enforce fine-grained access control within applications using Prisma ORM.
Enhancements include expanded operator support, deep nested relations support, automatic field inference and type-safe mapping, improved collection handling, and performance optimizations.
These open up a range of new use cases for Prisma users integrating Cerbos, such as: Complex hierarchical permissions, multi-tenant applications, content moderation systems, and e-commerce platforms.
Each option - self-hosted, cloud-hosted, and SaaS - impacts security, compliance, performance, and operational control in different ways. Join Alex Olivier, CPO at Cerbos, and Dan Moore, Product Engineer at FusionAuth, for a webinar where they’ll share insights from working with hundreds of mid-size enterprises and multi-tenant SaaS companies, and walk through how to match deployment models to different use cases and budgets.
Identiverse, Las Vegas, NV, June 3-6. Use code Use code IDV25-CERBOS20 for a 20% discount on registration.
Meet our team members and check out their talks to get valuable insights:
Daniel Maher, Sr DevRel Manager, speaking at FOSS North, Gothenburg, Sweden, April 1-15. In his talk “AuthZ as a dev workflow”, Dan will explore modern authZ patterns, strategies for testing authorization rules, and techniques for making authorization an integral part of your development process from day one.
Alex Olivier, CPO and Co-Founder, speaking at CyberWiseCon EU, Vilnius, Lithuania, May 21-23. Alex will be giving two talks, where he will dive into the role of authZ in application security, as well as trends in modern application architecture.
Experience Cerbos and policy writing via an in-browserPlayground
You are receiving this email because either we have met, chatted, or you've visited our websitecerbos.devand asked us to keep you up-to-date. If you have been forwarded this email, you cansubscribeand receive future updates directly from us. If you prefer not to receive these updates, you can unsubscribe below, but we hope you stay!
.png?upscale=true&width=1200&upscale=true&name=cerbos-newsletter-banner-2024%20(21).png)
