Redwood City, CA, USA
Mar 4, 2021   |  By Bill Mann
In this pandemic-defined era of rapid retail transformation, the digital shopping experience has become tantamount to the success of the business. As a result, retailers have redoubled their efforts to improve digital applications and services.
Feb 25, 2021   |  By Tim Hinrichs
Devops teams are flocking to GitOps strategies to accelerate development time frames and eliminate cloud misconfigurations. They should adopt a similar ‘as-code’ approach to policy. One risk in deploying fleets of powerful and flexible clusters on constantly changing infrastructure like Kubernetes is that mistakes happen. Even minute manual errors that slip past review can have substantial impacts on the health and security of your clusters.
Feb 17, 2021   |  By Anders Eknert
The webhook feature of the Kubernetes API offers a powerful mechanism to extend the modules that comprise the Kubernetes API servers with custom code for authentication, authorization and admission control.
Feb 10, 2021   |  By Chris Webber
Let’s say you were going to plan a security project. (Almost any project, really.) The following might be a pretty solid list of goals to aim for: That’s a pretty solid list - and might even read like “too much to ask for.” Yet, it’s exactly what SugarCRM received after deploying Styra DAS to manage Open Policy Agent (OPA) for Kubernetes guardrails.
Feb 9, 2021   |  By Tim Hinrichs
How Open Policy Agent allows developer teams to write and enforce consistent policy and authorization across multicloud and hybrid cloud environments As multicloud strategies become fully mainstream, companies and dev teams are having to figure out how to create consistent approaches among cloud environments.
Feb 4, 2021   |  By Torin Sandall, Tim Hinrichs
We’re really excited to announce that Open Policy Agent (OPA) is now a graduated project in the Cloud Native Computing Foundation (CNCF)! OPA joins projects like Kubernetes, Envoy, Prometheus, Fluentd (and ten others) that the CNCF recognizes for achieving broad adoption by the cloud-native community and maturity in its development processes. As the creators of OPA, we couldn’t be prouder!
Feb 3, 2021   |  By Gustaf Kaijser
In order to meet the increasing demand for OPA in EMEA, Styra and Amazic have signed a distributor agreement. With Amazic network of partners and resellers, Styra will significantly increase the reach and ability to support OPA users across the region. I’m excited to announce that Styra is now partnering with Amazic in Europe! Amazic empowers the IT individual by providing them with a unique platform of brands to discover, learn, purchase and market the latest IT technologies.
Jan 25, 2021   |  By Anders Eknert
In order to make policy decisions we commonly need to know the identity of the caller. Traditionally this has often been done by providing a user or client identifier along with the request, and using that identifier to look up further information like user details or permissions from a remote data source. While this model works fairly well for many applications, it scales poorly in distributed systems such as microservice environments.
Jan 20, 2021   |  By Bill Mann
I think we can all agree that 2020 was a year like no other. For enterprises, we’ve had to transition to a fully digital and cloud-first business, whether it was our workspace, security, technology, culture, or (and in most cases) all of the above. Thankfully at Styra, we’re lucky to have such a great team, community, and customer base that helped us not only navigate 2020, but make it a success.
Dec 17, 2020   |  By Amey Deshmukh
If you have used Open Policy Agent (OPA), you must have used OPA Playground to write and test out your Rego policies. I always wished for a feature where the policies in the playground can be directly applied in OPA. Basically, a control plane which allows policy authoring and enforcement easily. In KubeCon NA 2020, Styra (creators of OPA) launched a free edition of their Declarative Authorisation Service (DAS).
Dec 4, 2019   |  By Styra
From the Open Policy Agent Summit at KubeCon, Michael Sorens from Chef discusses how OPA provides granular authorization within applications:
Dec 4, 2019   |  By Styra
From the Open Policy Agent Summit at KubeCon, Jeremy Krach and Will Fu discuss how OPA policies are authored, distributed, and utilized at Pinterest (service mesh, kafka, internal tools). They also cover lessons learned in the process.
Dec 4, 2019   |  By Styra
From the Open Policy Agent Summit at KubeCon, Luke Massa from TripAdvisor discusses how he leveraged OPA’s API and unit test framework. The example shown is a system in which you write k8s admission policy alongside some mock changes to the cluster, some of which should be accepted and some of which should not be, and then run code that tells you whether your policy matches your expectation.
Dec 4, 2019   |  By Styra
From the Open Policy Agent Summit at KubeCon, Chris Stivers and Nicholas Higgins from Atlassian walk through their journey building a global authorization platform with Open Policy Agent and the help of Fluentd, S3, CDN's, Amazon Kinesis, and many more.
Dec 4, 2019   |  By Styra
From the Open Policy Agent Summit at KubeCon, Jiummy Ray from CapitalOne discusses how you can satisfy compliance, governance, and security requirements effectively with OPA.
Jan 14, 2019   |  By Styra
Tim Hinrichs, CTO of Styra and Co-founder of Open Policy Agent, live codes an OPA policy that enforces total memory limits on pods in Kubernetes.
Jan 14, 2019   |  By Styra
Tim Hinrichs, CTO of Styra and Co-founder of Open Policy Agent, live codes an OPA policy for Kubernetes admission control. The policy requires an owner label on every resource and forcibly guarantees imagePullPolicy is set to Always.
Mar 2, 2020   |  By Styra
Styra Declarative Authorization Service

Styra is the fastest and easiest way to put guardrails around your Kubernetes clusters--whether you’re a developer, an admin, or a bit of both.

Built on open-source, and declarative by design, Styra’s simple graphical library of customizable policies lets you easily mitigate risks, reduce human error, and accelerate development.

Security-as-code for Kubernetes:

  • Declarative by design: Manually “doing security” in today’s cloud-native environments is like a never-ending game of whack-a-mole. Styra works with Kubernetes to define, enforce, and monitor desired state, and eliminate the runtime guessing game.
  • Dynamic rules for dynamic environments: Simply put, Styra takes in business context, and outputs security decisions across your namespaces and clusters. Build policy-as-code directly via CLI, or with a simple point-and-click editor, and validate security before committing.
  • Portable, powerful policy: Styra allows you to define policy once, then enforce wherever necessary. No more best-effort security, no more policy silos. Built on the Open Policy Agent (the leading open source policy engine), enforcement is accurate, fast, and simple.

Policy-as-code guardrails to eliminate operational, security, and compliance risk