Cerbos Hub simplifies authorization management

Cerbos announced the general availability of Cerbos Hub, following a successful beta phase. Cerbos Hub is a managed Policy Administration Point offering for the popular open source authorization product, Cerbos Policy Decision Point (PDP).

Cerbos lets teams provide the right access to the right person and the right service, across any application and at web scale. It performs hundreds of millions of authorization checks every month, powering countless applications, processes and decisions.

Since its launch at the end of last year, Cerbos Hub has managed over 5,000 policy updates and deployments, saving developers, product, and security teams countless hours when making changes to their authorization logic. Over 500 organizations have praised the platform for its ease of implementation, scalability, and ability to simplify complex authorization requirements.

“Authorization no longer needs to be a headache. The feedback we received during our Beta highlights how Cerbos Hub allows businesses to prioritize their core activities over authorization challenges. It’s gratifying to witness the shift towards externalized authorization, helping organizations save time and concentrate on delivering value,” said Emre Baran, CEO of Cerbos.

Cerbos Hub simplifies the implementation, management, and delegation of fine-grained access control, providing robust authorization management for modern infrastructures. With Cerbos Hub, the permissions logic is centrally defined through a real-time collaborative workflow, following existing Identity Governance and Administration (IGA) processes, and then distributed to all deployed PDP instances across their infrastructure, ensuring they remain synchronized and up-to-date.

It is a stateless, scalable, and collaborative solution for teams who want to save time, streamline their workflows, and confidently roll out authorization updates. The solution supports all combinations of deployments: on-premise, cloud, serverless architectures, edge devices, and in-browser runtimes.

Cerbos Hub has been adopted by numerous leading companies across various industries, including finance, healthcare, and SaaS.

“Modern applications need to perfectly balance infrastructural security with flexibility to changing demands from customers, regulators, and product managers,” says Edgar Rivera, CTO at digital bank 4G Capital, “Cerbos Hub was an essential part of achieving that balance at 4G Capital, and it made our application more cost and labor efficient. We saved over $260k in yearly service costs by implementing Cerbos Hub, and countless hours of the engineering labor it usually takes to maintain a flexible authorization system.”

Key features of Cerbos Hub

Cerbos Hub offers a range of powerful features that simplify authorization management:

• The fully managed Policy Administration Point handles the precise details of policy management and coordinates with the Cerbos PDP instances running inside the environment, without external dependencies, ensuring that the developer stays in control while maintaining low-latency authorization checks.
• The embedded PDP capability, powered by WebAssembly, enables authorization to be distributed to more computer locations, both at the edge and onto client devices synchronized with the same set of policies running in the backend infrastructure.
• A collaborative policy playground lets users collectively iterate on policy, get real-time feedback on changes, and evaluate test suites right from the browser. Users can test the integration with their application without requiring any infrastructure or services.
• The managed Cl pipeline radically simplifies policy testing and distribution, and policies remain in the team’s GitHub repo which they can control and manage access to adhering to the business’s existing governance processes.

Cerbos takes a unique stateless approach that enables limitless scale. As application usage and authorization logic complexity grows, Cerbos can be scaled up to handle the increased volume without any limits or additional infrastructure.

At the same time, Cerbos takes a policy-based approach that keeps all authorization rules centralized and manageable, externalizing them from the codebase. This enables roles and permissions rules to be updated without rewriting code, all while maintaining strong audit logs, a requirement for regulated industries.

Future of authorization

Cerbos Hub is set to transform how organizations handle authorization. By providing a centralized, easy-to-use platform for managing complex policies, Cerbos Hub empowers businesses to focus on growth and innovation without being bogged down by authorization challenges.

Cerbos’ work is part of a bigger picture, which is why the company is a leading authorization vendor working as part of the OpenID Foundation AuthZen Working Group. This collaboration underscores Cerbos’ commitment to improving interoperability and standardization in authorization, ensuring that the Cerbos solutions are not only powerful but also universally compatible.