Since our last update, we have released v0.42 and v0.43 of Cerbos PDP, introducing smarter logging, and native support for SPIFFE identities - making it easier to authorize service-to-service interactions in complex systems.
We also published practical resources to help teams strengthen their authorization strategy. These include an in depth-framework for evaluating authorization solutions, a guide into avoiding authorization anti-patterns, and a curated list of 20 open-source tools to design more resilient Zero Trust architectures.
We reflected on our experience at KubeCon Europe. On the Identerati Office Hours livestream, we explored why embeddable PDPs matter - including their benefits, trade-offs, and how to get started. And on the Software Engineering Radio podcast, we dug into the benefits and challenges of externalized authorization, when to build vs. buy, and why authorization in AI-driven systems must remain deterministic.
Finally, Cerbos was named HackerNoon’s Startup of the Year 2024 in Access Control. Thank you for your support! This win is a shared one. Onward 🚀
How do you currently work with NHIs? Would you like to give your opinion on securing NHIs for our upcoming eBook? Just reply to this email - we'll follow up with a few quick questions.
Product Updates
Cerbos PDP
Versions v0.42.0 and v0.43.0 of Cerbos PDP have been released, providing support for SPIFFE identities in policies, enhancing the structure of audit logs, and further reliability during policy updates.
The native support for SPIFFE identities makes it easier to authorize service-to-service interactions based on trusted workload identities. This is especially powerful for teams adopting SPIRE, Istio, or other identity-aware service infrastructure. We have written about this more with some example policies in this blog.
Audit logs have been upgraded to improve observability and downstream processing. Nested attribute values are now logged as structured objects, allowing log analysis tools to extract the full context for use in analysis or visualization in dashboarding tools.
You can find the full release notes here: v0.42.0, v0.43.0
Discover 20 powerful OSS tools for identity, access control, workload auth, and network segmentation that can help you build ZTA. Take a closer look and see how these tools can help strengthen your security posture, step by step. And let us know if we forgot some awesome tool!
Upcoming Events
Visit our booth at:
Identiverse, Las Vegas, NV, June 3-6. Stop by for a chat at booth 323. Use code Use code IDV25-CERBOS20 for a 20% discount on registration.
Meet our team members and check out their talks to get valuable insights:
Daniel Maher, Sr DevRel Manager, speaking at AuthCon (API Days) in New York, May 14-15. In his talk “Patterns of failure in modern auth”, Dan will explore modern authN and authZ systems, and real-world incidents related to auth at companies like Meta, Microsoft, and Okta, digging into what went wrong. If you’d like to see how fancy distributed architectures can create fun and exciting new ways for things to break - make sure to stop by!
Alex Olivier, CPO and Co-Founder, speaking at CyberWiseCon EU, Vilnius, Lithuania, May 21-23. Alex will be giving two talks, where he will dive into the role of authZ in application security, as well as trends in modern application architecture.
Experience Cerbos and policy writing via an in-browserPlayground
You are receiving this email because either we have met, chatted, or you've visited our websitecerbos.devand asked us to keep you up-to-date. If you have been forwarded this email, you cansubscribeand receive future updates directly from us. If you prefer not to receive these updates, you can unsubscribe below, but we hope you stay!
.png?upscale=true&width=1200&upscale=true&name=cerbos-newsletter-banner-2024%20(23).png)
