Cerbos

Cerbos is an authorization platform designed for enterprise software and AI applications. It enables development teams to externalize and manage access control logic separately from application code, handling authorization decisions at scale. Core capabilities: - Policy-based authorization engine that evaluates access control decisions at runtime - Supports role-based access control (RBAC) and attribute-based access control (ABAC) models - Designed to handle millions of authorization checks per day with low latency - Authorization policies can be created, modified, and troubleshot without significant engineering overhead - Supports multi-tenancy scenarios with many users and many roles Key use cases: - Replacing in-house authorization systems to reduce engineering maintenance costs - Enforcing access control across microservices and service mesh architectures - Enabling non-engineering teams to manage authorization rules independently - AI application authorization Deployment: - Can be called multiple times within a single request without significant latency impact - Operates as a sidecar or standalone service within distributed systems Cerbos positions itself as an alternative to building and maintaining custom authorization logic internally, with the stated goal of reducing the total cost of ownership associated with in-house access control implementations.