Untitled (7)

An update from Cerbos!

This is an exciting moment for us as we are kicking off our newsletters! You are receiving this email because either we have met, chatted, or you’ve visited our website cerbos.dev and asked us to keep you up-to-date. If you don't want to receive these emails you can unsubscribe below, but we hope you stay!

 

What happened in the last 6 months?

Earlier this year we set about building Cerbos as we saw a clear need in the market for a solution to authorization and more specifically user permissions (you can read more why in our blog post “Why are we building Cerbos”).

 

Since then we have been busy developing Cerbos and last month took the big step and open sourced our core engine which you can find on GitHub. We are now up to v0.8 out just last week and have already got users putting it to the test. 

 

Off the back of this early development and releases, we are very excited to reveal that we have completed our seed funding round. We were overwhelmed with the amount of interest we received and we will be announcing more details about this very soon.

 

Cerbos use cases

Through our ongoing discovery process, we’ve talked to hundreds of potential users and customers about Cerbos, gathering requirements and feedback and we have now identified an initial four authorization use cases that Cerbos can solve:

  • Application Permissions: Go beyond roles! context aware authorization allows for fine grained access control to any resource in the system without hard coding logic and complicated spaghetti code
  • Product Packaging: With each customer having a different version of a package, trials and grandfathered features, have a central point which manages access across the system
  • Multi-tenant SaaS: Scaling your SaaS offering with controlled, audited and isolated environments per customer enforced by policies
  • Enterprise Ready: Easily enforce access control across the complex web of departments, offices and geographies of any organisation

We are producing lots more content, demos and case studies around these themes and would love to hear from you about what challenges you are facing that we can help solve with Cerbos.

 

How can one get started?

Our aim is to make Cerbos as easy as possible to get started with, so we have been busy creating comprehensive documentation:

  • Quickstart guide
  • Installation guide
  • Detailed information on the API, CLI and deployment patterns  

In addition to this we have created our first policy writing tutorial that demonstrates how to design policies for a photo sharing application, as well as releasing a number of demos:  Go REST API, GraphQL Demo, JSON Web Tokens and Python.

 

To simplify things every further we are publishing a set of SDKs with Java, Go and Node JS already available and more in the works covering Python, .NET and Ruby.

 

Finally, not everyone wants to go through the steps required to set up Cerbos locally, so now we have our Playground which is a fully-featured environment to compose, validate and test writing Cerbos policies. The advantage of being web-based is that it is possible to save policies online and share them easily with colleagues. We have a lot more planned for this tool and would love to hear your feedback on what  you would like to see.

Our team is growing

We have grown our team from just the two of us to a team of seven with key roles in Engineering, Product and Marketing now in place. Given that we believe authorization is a global problem, we are a global company with a “remote first” mindset - our team members are based across the globe including New Zealand, Turkey, Spain and the UK so you will always find someone online in our Slack community to chat with.

Industry News

Security is always a hot topic, especially in recent years, and The Open Web Application Security Project (OWASP) foundation has published their latest semi-annual trends report which highlights the top security issues seen in the wild.

 

In some great validation for our area of focus,  “Broken access control” has moved from #5 in 2017 to the category with the most serious web application security risk - only emphasizing the importance of having a scalable, manageable and modern approach to authorization. 

mapping

Furthermore, we have seen a number of sizable investments and acquisitions in our space from large software companies, both in the SaaS industry and more traditional enterprise, which clearly demonstrates that our solution is relevant not only for startups that are building new software, but also for large companies with more established applications that need to improve their access control to face the ever changing requirements.

 

Keep in touch

We would like to stay connected. You can find us on:

  • Slack where we connect with our user community and discuss features and help with questions they may have
  • Github where we host our code
  • social media on Twitter, LinkedIn, YouTube.

 

Looking forward to keeping in touch more regularly.

Cerbos Team

LinkedIn
Twitter
YouTube

Cerbos,, ABR, London, UK

Unsubscribe Manage preferences