Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The Enterprise OPA Platform is growing fast. With some organizations having hundreds of teams managing close to a thousand applications, we knew it was time for a major UI upgrade—on top of all the backend optimizations we make behind the scenes. Today, we’re excited to introduce the new Styra DAS UI, designed to help IAM engineers and application developers manage authorization at an unmatched scale.

It is important that enterprises comply with audits. They help build trust in many of society’s most foundational organizations by creating transparency, accountability, and improving business practices. At the same time, enterprise scale compliance is really hard to get right.

We’re excited to announce the Policy SBOM feature is now generally available to all Styra DAS customers, giving enterprises transparency and traceability into deployed authorization policies. Just like a software bill of materials (SBOM) is an inventory of the components and dependencies in a software application, a Policy SBOM is an inventory of the policy modules, including their sources, versions, and dependencies, within an Open Policy Agent (OPA) policy bundle.

The Enterprise OPA Platform’s low-code policy builder empowers product owners and security analysts to design, review, and experiment on application permission logic directly.

Summer is here, bringing thoughts of the beach, travel, and relaxation. However, summer isn’t without its chores; gardens need work, and summer houses require maintenance. Sometimes these chores can be enjoyable and even therapeutic, but most importantly, they keep our projects in good condition, allowing us to unwind and enjoy the summer months.

Gartner projects that by 2026, 80% of software engineering organizations will have established platform engineering teams. The vision of platform engineering is ambitious: to empower developers with all the flexibility they need while minimizing complexity. This approach has already transformed infrastructure, deployment, data analytics, encryption management, authentication, and more.

Let’s go straight to the TL;DR: we have just released a new Rego extension for the popular Zed editor! Providing both syntax highlighting and all the language server features of Regal that were previously available for editors like VS Code, or Neovim. The extension is available from the Zed extensions view, and you’ll find it by searching for “Rego”.

Filling in some blanks on large scale policy testing with Gusto‘s Nicholaos Mouzourakis.

Rego, the policy language of the Open Policy Agent (OPA), is known for its flexibility and power in policy enforcement across various systems. Its declarative syntax and data-centric approach make it versatile for application authorization, infrastructure as code (IaC) authorization, and network policies. To fully appreciate OPA/Rego’s capabilities, it’s helpful to compare it with other policy languages and frameworks like AWS’s Cedar and Google’s Zanzibar.

The huge ecosystem of integrations has over time become a true differentiator for Open Policy Agent (OPA), and an embodiment of the project’s promise to provide policy across the “whole cloud native stack”. Integrating OPA into a new tech stack also tends to be a rewarding experience for developers, which might help explain why so many integrations have been provided by external contributors over the years.