Decouple authorization management from your core code using the stateless Cerbos solution. Focus on delivering exceptional products, not maintaining the authorization infrastructure.
Context-aware role definitions and attribute-based access control. Implement adaptable, granular security policies that exceed standard role-based access control.
Implement and update authorization policies in human-readable configuration. Improve visibility, collaboration and security.
Query for and only fetch the objects a principal has permissions to. Generate a dynamic set of conditions to filter based on access policy.
Stateless decision points that run inside your environment or at the edge (powered by WebAssembly) allow virtually unlimited scale.
"It's weird to say an outside company has our back, but Cerbos does. It's the people. It's their open-source code: it's high quality, you can read it, it does what it says on the tin"
"It's a good feeling being able to say yes to almost any permissioning requirement." "Cerbos is small, contained and easy to implement. It 100% delivers on the promise of abstracting away the complexity of decision making."
"We're not worried about scaling because we can easily increase our load on Cerbos. It will also be easy for us to change how we're distributing policies as we reach different points of scale."
"We went from one user - every role, to a world where there are many users - many roles. And the product, it relies on Cerbos to actually bring the value that we want to bring to customers. All of our customers are relying on Cerbos, by relying on the product, which is of course relying on Cerbos."
"Instead of thinking of how much time Cerbos has saved us, I think about how much time it didn't cost us. It didn't cost us any time. Cerbos just works. I don't have to think about it. It's as simple as that."
"One of our big considerations was speed. We have strict latency tolerances. When it comes to Cerbos - you can call it a hundred times during a request and it doesn't matter. It's incredibly fast."
"If it wasn't for Cerbos, one thing is for sure - we would've launched later than we did. As a result, we would have less customers. And the maintenance part is also very important. Our technical team would be dealing with daily stuff regarding access controls, access logs. Now, we don't have to spend any time on that."
"Cerbos policy writing is quite flexible, and deploying as a unit microservice as well. Cerbos "doesn't get in the way" once integrated, that's the best part."
"It is easy to implement and provides a solution for a problem that is often not properly addressed."
"Having the separation of the permissions from the code base just makes the code base more elegant. It makes the permissioning more elegant. It means they're centralized, so they're not tied to specific endpoints. And ultimately it means that different business owners have the ability to actually make updates."
"Just discovered your embedded testing framework. This is probably the best balance between hyperfocused functionality and embedded tooling I've ever seen in an open source project. Damn, good work!"
Stateless Cerbos Policy Decision Points (PDP) run in your environment and scale with your application. Deployed as a microservice in your VPC or evaluated at edge/on-device via WebAssembly, decisions are always made locally without requiring any lookups.
Cerbos Hub's fully-featured collaborative IDE for developing, iterating and testing policy provides instant feedback on changes and integrates into your Git-based workflow.
Implement a reliable CI/CD workflow with Cerbos' GitOps approach. Test and deploy intricate access control policies with confidence, enhancing your delivery quality. Reduce human errors and enhance security.
Capture every action tried and every decision made by your application in a consistent audit trail, compatible with your existing log collection or SIEM platform. Conform to ISO27001, SOC2 and HIPAA compliance with versioned and auditable decision chain.
Cerbos Hub streamlines policy updates with centralized management and real-time policy deployment. Gain insights into deployed PDP instances, tracking active policies, their versions, and more. Ensure all PDPs are synchronized and up-to-date.
Get up and running in minutes with the Cerbos SDKs or complete starter projects for common frameworks, servers, ORMs and identity providers. Start from templated policies for your vertical to get the basics in place fast, then customize for your business.
#1
Replace the spaghetti if/else case/switch code with a single function call.
Before
After
#2
Define the RBAC and ABAC rules in standardized policies.
#3
Call Cerbos API from anywhere in your stack - New requirements, new policies and conditions can be introduced without having to make a change to your core application.
Before
After
Replace complicated authorization logic with a single call and allow product owners or security teams to manage access without touching code.
Define and evolve complex policies without requiring further developer time.
Track and audit access requests, grants and denials without without requiring further developer effort.
Want to run authorization yourself?
Prototype policies in your browser right now
Check out our API reference and guides
Join our community on Slack and learn
Stories of Cerbos in production
Book an intro call and learn more
Join thousands of developers | Features and updates | 1x per month | No spam, just goodies.