Cerbos

1.9K posts

@cerbosdev

Authorization for enterprise software and AI.

Joined June 2021
618 Following · 789 Followers
Cerbos@cerbosdev·
An #IdP signs a token and stamps a list of claims that every downstream system trusts for an hour. That list is an #authorization decision. Most identity teams don't manage it like one. No policy behind it. No decision log. No clear owner. bit.ly/4tOlzof
Cerbos@cerbosdev·
Your authorization is only as strong as the decision made at the moment a request arrives. Everything else is hope. New post on #runtime #authorization platforms 👇 bit.ly/3PQaNjf
Cerbos@cerbosdev·
Most #AI agent #governance plans have a kill switch in them. In healthcare or finance, flipping it just creates the next incident. The fix is a dimmer switch. Fade access down, narrow the policy, keep the lights on. bit.ly/4danyhF #authorization
Cerbos@cerbosdev·
The Cerbos PDP rule table index now runs on a custom #bitmap with a meta layer that proves two bitmaps don't overlap before doing any per-word work. Three months of rewrites, hot path now 6.6 µs per op. Full writeup from Sam: bit.ly/434EMqF
Cerbos@cerbosdev·
Cerbos is at #eic2026 next week 🍬 Catch our candy bar on Level C and chat authorization, AuthZEN, or AI agents. Two panels @alexolivier will be on: "Signals, Policies, and Identity Agency", "Leverage OpenID AuthZen". See you in Berlin! @kuppingercole #IdentitySecurity @emre
Cerbos@cerbosdev·
Notes from @alexolivier on the @openid Enterprise Panel. Shared Signals keeps data fresh. #AuthZEN turns it into a real-time decision. SCIM Events handles lifecycle. IPSIE describes what good looks like. Big gap is reference architectures. bit.ly/3QWK1pL
Cerbos@cerbosdev·
An agent kicks off booking a hotel and 50 tool calls later is wiring money to a Cayman account. Each call passes policy on its own. The gap between declared intent and runtime behaviour is where authorizing AI agents gets hard. @alexolivier's #IIW42 recap bit.ly/4wkzC7u
Cerbos@cerbosdev·
Cerbos PDP v0.52.0 and v0.53.0 are out 🚀 v0.52.0 lands meaningful performance work and new #CEL path functions, while v0.53.0 hardens the #JWT verification flow and resolves a query plan regression introduced in v0.50. Full release notes: bit.ly/4nfYFo3
Cerbos@cerbosdev·
"can this user do X on this resource right now" If answering that means grepping three services, 2 YAML configs, a 2022 access ticket - you've seen why #AuthorizationManagementPlatform s are emerging. What they are, how they work, where they fit: bit.ly/4tReLH4 #AMP
Cerbos@cerbosdev·
An #AI coding agent deleted #PocketOS's production database in 9 seconds. Backups included. A rule inside the agent's prompt is a suggestion. The fix is #authorization that lives outside the agent. @emre wrote up what would have stopped it 👉 bit.ly/4n2P7g1
Cerbos@cerbosdev·
Is self-hosted #authorization better than cloud-hosted? Not necessarily. Goal is to match the deployment to your constraints. #Onprem: strict data residency, air-gapped, regulated industries. #Cloud hosted: everyone else. bit.ly/4u7GSSi
Cerbos@cerbosdev·
The hard part of #authorization is translating "editors can update posts in their department, admins can't touch customer records" into a precise spec. We built an agent skill that does it for you. Plain language in, full Cerbos #policy bundle out. Guide: bit.ly/492TQbD
Cerbos@cerbosdev·
OWASP found 100% of apps tested had broken access control. Add AI agents (adoption jumped from 11% to 42% in 2025) and fragmented #authorization becomes an #incidentresponse nightmare. Here's how centralized policy governance fixes it 👇 bit.ly/41FOFdK
Cerbos@cerbosdev·
Legacy app authorization never gets fixed because engineering can't modify the app and security can't govern what they can't see. Cerbos Synapse puts an #authorization layer in front of it instead. No code changes, no rewrite. Walkthrough 👉 bit.ly/3Q0zQjx #Legacyapp
Cerbos@cerbosdev·
MFA deployed. #IdP configured. #IGA funded. And #audit still finds gaps. Because "can you prove who accessed what, when, and why" lives in #authorization, not authentication. The 5 blind spots most audits surface 👇 bit.ly/4eeVtGA
Cerbos@cerbosdev·
Trino #accesscontrol that goes beyond tables. Row-level filtering, column masking, and audit logging, all through Cerbos policies via the existing OPA plugin. No #Trino changes needed. bit.ly/4mg26KJ
Cerbos@cerbosdev·
78% of CISOs now report concern about personal liability for security incidents. The #IAM gaps you haven't found are where that liability starts. We built a checklist to help you find them first. 9 risk domains. Prioritized action plan. bit.ly/4bGZ25M