Declarative Authorization Service for Cloud-Native Security from the creators and maintainers of Open Policy Agent (OPA).

As platform teams take on more responsibility to enable developers to build and deploy there is a growing pressure to do this with reduced risk, and enterprise-level compliance and performance.  If your deployments are slowed down by compliance requirements or you are worried every time you run Terraform apply that you might break security rules, there are options for you to work differently.  Given today’s threat landscape, strict regulatory environment, and the reality that developers can and often inadvertently make mistakes with self-service infrastructure, we are working to offer platform teams a new option.

As the leader in cloud-native authorization, Styra accelerates secure, compliant cloud-native infrastructure deployments by providing enterprise platform engineering teams with an essential authorization toolset featuring the broadest library of validated policies for Kubernetes, Terraform, and CloudFormation.

Join this webinar to learn how you can:
- Accelerate secure deployments across multiple technology stacks including K8s, terraform, and CloudFormation.
- Get up and running quickly with pre-built policies, then easily see the impact of policy changes.
- What common security and compliance can be mitigated using Styra DAS.

Accelerate Secure Infrastructure Deployments

When it comes to the digital transformation journey, teams are often faced with distributed software architectures in order to accelerate innovation and reduce costs. With Styra Declarative Authorization Service (DAS) now integrated with Kong Mesh, teams have the collaboration tools and visibility required to manage service mesh traffic via Open Policy Agent (OPA) at a global scale.

In this webinar, Solutions Architect, Kurt Roekle will give a live demonstration of how Styra Declarative Authorization Service (DAS) and Kong Mesh can help your organization address policy lifecycle management, enterprise governance, and security by:
 - Automating policy-as-code based control for your service mesh
 - Providing visibility to monitor and audit traffic flow and decisions in real-time
 - Increasing application reliability with policy-based traffic management

Securing Microservices-Based Apps with Dynamic Traffic Authz

How is your team managing policies across the entire cloud-native stack? Styra Declarative Authorization Service (DAS), built by the founders of Open Policy Agent (OPA), has expanded its portfolio to include automated policy guardrails across the entire modern cloud-native application platform with native Terraform support.

Join Styra Solutions Architect, Kurt Roekle, as he demonstrates how pairing Styra DAS with Terraform allows organizations to:
 - Leverage pre-built policy libraries for expedited deployment in AWS, GCP and Azure
 - Pre-run and validate the impact of policy changes to assess impact on your infrastructure before you 
    commit and merge changes
 - Manage an entire cloud stack through a single control plane

Policy Management Across the Cloud-Native Stack: Styra DAS for Terraform

Let’s uncomplicate modernizing and migrating applications to the cloud.
As we all have experienced, security begins with identity management, but when scaling to cloud-native development models it can be darn near impossible to cobble together a homegrown solution that maintains architectural integrity and allows for both your data sources (LDAP, AAD, SCIM, etc.) and entitlements to shine.

We’ve found a way! Styra Declarative Authorization (DAS) for Cloud-Native Entitlements, with the foundation of Open Policy Agent (OPA) enables IAM and application teams to ingest the rich context of existing data sources like LDAP, AAD, etc., apply authorization policy for guardrails and then enforce authorization decisions across bespoke deployment models.

Cool, right?!

In this webinar, IAM luminary and Styra Product Manager, Jeff Broberg will walk through:
 - How you can use your existing data (IAM solution) and your rules and that you can replicate to as 
    many clouds, continents, regions, availability zones as you need.
 - Where you can create and manage centralized policy authoring, data management and decision logs 
    without sacrificing physically distributed enforcement.
 - How to run an instance of the entitlements service as close to the applications that need them as you 
    like and rest assured that the distributed policies/data will be kept up-to-date.
 - How to understand the impact of a policy or data change long before you deploy it.

Rapid Deployment and Less Friction for IAM & App Teams

Answering the question of who is allowed to provision/alter/enable a service within an application can be a daunting one for any organization. Traditionally, this was a Security Operations (SecOps) function communicated to developers on a Confluence page. Audits were painful because the authorization logic was spread out across a number of different services.

We at Styra are working on changing this...

We developed Open Policy Agent (OPA) to serve as the policy decision point (PDP) for all services in an organization. OPA embraces the Policy-as-Code principle which helps bring effective collaboration between different teams. SecOps teams and developers can now update Rego code to alter authorization policy across the whole organization. Much more fun than editing confluence pages.

The most crucial piece of the puzzle is Styra Declarative Authorization Service (DAS) - the only unified OPA management platform to mitigate risk, reduce human error, and accelerate development. Styra DAS is the central platform to author policy across the stack, safely deploy it with impact analysis prior to deployment and log decisions for audit purposes:
 - How policy-as-code creates a collaborative environment for developers and SecOps
 - Various techniques for delegating microservice authorization decisions
 - How Styra DAS orchestrates policies across applications

Fine-Grained Authz for Cloud-Native Applications - OPA & Styra DAS

The dynamic nature of cloud-native applications demands that the underlying infrastructure adapt in lock-step to deliver the necessary IT resources, making security and compliance a much bigger challenge.

Security teams must constantly scan infrastructure for policy violations. HashiCorp’s Terraform Cloud, and Styra DAS, an OPA-based authorization management platform, work together to keep infrastructure compliant by mandating verification of Terraform configurations at provisioning.

In this webinar, cloud-native technology experts from HashiCorp and Styra will demonstrate:

• The power of policy-as-code authorization in enforcing your organization’s security and compliance policies.
• How Styra DAS and HashiCorp Terraform Cloud integrate to ensure authorized infrastructure provisioning.
• How you can use pre-built security and compliance policy packs out of the box to save time and ensure consistency.

Validate Terraform Infrastructure using Styra and Terraform Cloud

terraform

policy-as-code

Authorization

Terraform Cloud

Styra

HashiCorp

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Validate Terraform Infrastructure using Styra and Terraform Cloud

Presented by

About this talk

More from this channel