Since our last update, we have released v0.44.0 of Cerbos PDP, along with role policies and scoped resource policies - enabling robust access control that isolates tenant data and operations, while maintaining flexibility and scalability for multi-tenant SaaS.
We also published practical resources to help teams strengthen their authorization strategy. These include a guide for integrating Cerbos with Kong, a walkthrough on implementing role-based access control in Ruby, and a deep-dive into mapping business requirements to authorization policy for fintech.
We shared our view that authorization should enable great software, not hinder it. In the blog, we explore how teams can avoid security gaps and hours lost to wrestling with permission logic by getting authorization right early. Building on our experience helping teams secure non-human identities, we also put together a write-up on 5 authentication methods for NHIs.
🎉We’re also excited to share recent success stories from teams using Cerbos. By implementing Cerbos, Utility Warehouse gained control over 4,500 services and secured millions of NHIs. While BarrierSystems integrated Cerbos into their smart vehicle access gates, cutting internal costs by 15%. Thank you to both teams for trusting Cerbos as part of their journey.
As a bonus, we wanted to highlight a great upcoming opportunity. Kolomiiets Technical Inform – Online Conference, a Ukrainian-language technical event happening on July 5, 2025 will include a session by one of our community members: “Flexible access control in modern applications: an introduction to Cerbos”. It’s a great chance to learn about Cerbos, as well as DevSecOps, security and architecture, in your language.
Product Updates
Cerbos PDP
Version v0.44.0 of Cerbos PDP, along with role policies and scoped resource policies, has been released.
As SaaS applications grow, managing access for numerous tenants, users, and roles becomes complex.
As a result of the latest updates, developers can build systems that are both powerful for tenants and safely controlled by the platform provider, by layering platform-wide guardrails with tenant-specific customizations. This approach ensures data isolation, supports custom role requirements, and scales effectively as the SaaS application grows.
We have written more about this, along with an example on solving multi-tenancy for a SaaS HR platform, on our blog.
In 2025, NHIs surged with the rise of AI agents, microservices, and distributed cloud systems. Our latest ebook gives readers a practical roadmap to secure NHIs in their stack, with Zero Trust principles at the core.
It includes 20 NHI and AI agent risk vectors, 12 security principles and 35 steps for NHI governance, insights from NHI breaches (Okta, GitHub, and Microsoft), and expert opinions from CISOs, security architects, and EMs working on IAM programs that include NHI security.
Meet our team members and check out their talks to get valuable insights:
Alex Olivier, CPO and Co-Founder, will be attending the DevOps Exchange meetup in London, July 24. Feel free to say hi and ask any questions you may have about authorization and ZTA.
Daniel Maher, Sr DevRel Manager, speaking at DevOpsDays Rio de Janeiro, August 16. Stop by to listen to his talk “Code is not enough: Grow your career without leaving your terminal"!
Experience Cerbos and policy writing via an in-browserPlayground
You are receiving this email because either we have met, chatted, or you've visited our websitecerbos.devand asked us to keep you up-to-date. If you have been forwarded this email, you cansubscribeand receive future updates directly from us. If you prefer not to receive these updates, you can unsubscribe below, but we hope you stay!
.png?upscale=true&width=1200&upscale=true&name=cerbos-newsletter-banner-2024%20(3).png)
