I’m excited to announce that today we’ve unleashed Styra Declarative Authorization Service (DAS) for Cloud-Native Entitlements! Organizations are rapidly modernizing and migrating applications to the cloud, but they are often held back by legacy entitlement systems that are not compatible with today's scale and sprawl of cloud-native development models.
CVE-2022-23628 was published last week by the Open Policy Agent (OPA) project maintainers after a user reported unexpected behavior from a policy bundle that was built with optimizations enabled. The problem stemmed from a regression fix in the v0.33.1 release that addressed incorrect pretty-printing of Rego object literals by the `opa fmt` command and the underlying `format` package.
More than 90% of applications will be cloud-native by 2023. As organizations transition from monolithic, on-premise environments to dynamic cloud-based ones, ensuring access control becomes more critical — and complex. That’s why I co-created Open Policy Agent, also known as OPA. OPA unifies policy enforcement across the cloud-native stack.
The Payment Card Industry Data Security Standard (PCI DSS) entered the scene back in 2004 with the rise of payment fraud. Created by leaders in the credit card industry, PCI DSS was developed to provide a baseline of technical and operational requirements designed to protect cardholder payment data and was commonly understood by those in the legacy security world.
Before we talk about design patterns for Open Policy Agent (OPA) (what they are, why they’re beneficial, what their key ideas are, and how you might try to see them in action with sample data/apps in Styra Declarative Authorization Service (DAS) Free), it’s helpful to start with some background. When we designed the OPA at Styra, we aimed to make it flexible enough to solve every authorization and policy problem in the cloud-native space (and beyond).
It’s been a whirlwind year for Styra — from going fully remote as a company to raising $40 million in Series B Funding to more than doubling our workforce. We have a lot to be thankful for as a company, and before we say “goodbye” to 2021 and “hello'' to 2022, I wanted to take a moment to recap some of my favorite moments and initiatives of this past year.
Open Policy Agent (OPA) allows developers to accelerate time to market and focus on their differentiated work, instead of spending their time figuring out how they are going to write bespoke authorization policies. With OPA handling authorization decisions across the stack, each service, app or platform API just has to handle enforcement of OPA decisions.
