Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Styra

How to Enforce an Access Control Policy

Access control is the process of dictating who or what can access resources and assets and what actions are allowed once access is granted. An access control policy, by way of an enforcement mechanism, puts those parameters into action. Safeguarding data, IT systems and applications requires a robust access control solution, especially where financial, medical and other sensitive data is concerned.

AI-Generated Infrastructure-as-Code: The Good, the Bad and the Ugly

With the rise of OpenAI’s GPT-3, ChatGPT and Codex products, as well as GitHub’s CoPilot and numerous competitors, today we’re seeing developers experimenting with AI to help augment their development workflows. While at first these efforts focused on more commonly used programming languages, such as Javascript and Python, the AI use cases are now expanding to Infrastructure-as-Code (IaC) configurations.

Deeper Dive: Updates to Our Kubernetes Essential Policy Toolkit

Last week we announced the broadest policy library and toolset for Kubernetes, Terraform and CloudFormation. This work is part of our effort to support platform engineering and cloud infrastructure teams with policy guardrails, as they work to support hundreds (or thousands) of developers. But what does this exactly mean for Kubernetes users? Today we’ll cover the Styra DAS features and policies that are now at your fingertips for those managing Kubernetes clusters.

Moving on From Pod Security Policy with OPA and Styra DAS

In this video, Styra Solutions Architect Ádám Sándor shares how teams can use OPA and Styra DAS to manage the deprecation of Kubernetes PodSecurityPolicy (PSP) in Kubernetes v1.25. Not only can OPA can work in tandem with the new Pod Security Admission, but dedicated PSP Policy Packs with Styra DAS can help automate many of these necessary changes.

HashiCorp +Styra: Validate Terraform Infrastructure using Styra DAS and Terraform Cloud

Security teams must constantly scan infrastructure for policy violations. HashiCorp’s Terraform Cloud, and Styra DAS, an OPA-based authorization management platform, work together to keep infrastructure compliant by mandating verification of Terraform configurations at provisioning.

What is Service Mesh in Microservices?

The microservice architecture involves breaking the application into small interconnected services, each performing a specific task. This breakdown enables developers to work on individual services without affecting the rest of the application, leading to more agility and easier scaling. These services communicate through APIs and, as the number of services within an application increases, developers may introduce a microservice service mesh to control all the service-to-service communication.

Beyond OPA Gatekeeper: Enterprise-scale Admission Control for Kubernetes

OPA Gatekeeper is the most popular solution for enforcing admission control policies on Kubernetes clusters. It was designed for policy management on a single cluster. Styra DAS (built by the creators of OPA) aims to provide the next step for enterprise companies with centralized policy management over tens or hundreds of clusters and policy use cases beyond Kubernetes. In this post, we explain how Styra DAS differs from OPA Gatekeeper and how our enterprise focus led to different design decisions.