Styra, Inc. introduced the
industry's broadest policy library and toolset for infrastructure to its
Styra Declarative Authorization Service (DAS). To address security
concerns associated with the use of containers, Styra now provides NIST
Special Publication (SP) 800-190 compliant policies within its expanded
library that includes hundreds of validated policies. Styra accelerates
secure, compliant cloud-native infrastructure deployments, and equips
enterprise platform teams to systematically deploy resources for
distributed developers - saving time and resources while safeguarding
security best practices.
As enterprises accelerate the delivery of cloud-native applications to
meet business goals, platform engineering teams remain under increasing
pressure to deliver secure, compliant, and operationally sound
infrastructure in lock-step with developers' needs. Often supporting
hundreds or even thousands of developers, small platform engineering
teams have no choice but to allow developers direct operational access
to cloud and container platforms so they can launch and upgrade
applications and the software-defined infrastructure their applications
run on.
To ensure security, compliance, and operational health, platform
engineers repeatedly write or customize software that prevents
developers from making mistakes and over time build customized
guardrails that automatically enforce security rules, compliance
regulations, and other operational policies each time a developer makes a
change. This effort is often undifferentiated heavy lifting which
introduces complexity, risk, and poses a significant roadblock to
on-time delivery.
During a time when enterprises can't afford to trade off security and
business time-to-market, platform engineering teams can benefit from
validated building blocks, policy editing for business users, and
policy-as-code guardrails to safely deliver infrastructure resources
instead of building them from scratch in-house.
"As software developers race ahead with building new cloud-native
applications, the pressure on platform engineering teams to rapidly
configure and deploy secure environments has never been felt more
acutely, especially in the face of today's threat landscape and
stringent regulatory compliance," says Paul Foryt, Director of Product
Management at Styra. "Policy-as-code authorization is now an essential
part of building applications and infrastructure they run on. Being able
to confidently depend on pre-built policies and features is a huge
advantage to getting secure infrastructure deployed securely and fast."
Styra empowers platform teams managing infrastructure to:
-
Eliminate manual policy creation and systematically reduce
production risks for infrastructure deployments with easy-to-deploy
policy templates and editing tools.
-
Easily enforce best practices and compliance for Kubernetes clusters with
NIST SP 800-190 compliant policies from Styra, plus an expansive
collection of Styra validated policies for PCI DSS, MITRE ATT&CK,
CIS Benchmarks, and Pod Security Compliance.
-
Deploy faster with hundreds of Styra validated AWS, Azure, GCP,
and Kubernetes policies for Terraform from leading open-source tools and
libraries.
-
Enforce policy guardrails on CloudFormation stacks preventing AWS
resource misconfiguration in final resource change checks with the
first general-purpose third-party CloudFormation hook from Styra.
Styra provides an authorization platform, built on OPA, to manage access
and security controls across cloud-native infrastructure and
applications. Initially focused on policy-as-code guardrails for
Kubernetes, ensuring workload compliance for internal and external
regulations, Styra extended its policy-based authorization to
microservices, gateways, and cloud-native entitlements management. With
ongoing additions to its Styra Declarative Authorization Service (DAS),
the company continues to provide customers and the OPA community
industry-leading enterprise authorization.