Styra Academy - Free OPA Training
Kubernetes Guardrails
Deploy OPA at scale with turnkey policy authoring, distribution and monitoring for Kubernetes security and compliance
Styra Declarative Authorization Service—built on Open Policy Agent—provides context-based admission control policy to mitigate risk, reduce human error and accelerate Kubernetes deployments.
Styra DAS was purpose-built to address today’s “Everything-as-code” requirements for security and compliance:
Shift security left with a declarative model that works with Kubernetes admission control webhooks to prevent risk before runtime
Validate policy before enforcement to eliminate human error and accidental breakages
Visualize admission control decisions for easy intra-department communication
Use built-in libraries and clear GUI to implement policy-as-code, with or without coding skills
Trust the industry's only security solution built by the founders of Open Policy Agent
Kubernetes has evolved from experimentation to production—now teams must secure this new environment, but dynamism and scale add exponential complexity
Get to day 2 quickly with OPA policy authoring and impact analysis for admission control
The future of security is policy-as-code, but not every security team is made up of coders. That’s why Styra DAS provides both a point-and-click user interface as well as a rich code editor.
With a built-in library of best practices and security policies sourced from real-world OPA use cases, it's easy to get K8s guardrails up and running quickly.
DevOps and Platform teams can pre-run policies to analyze their impact before deployment, see where violations occur and analyze existing workloads for compliance across clusters.
Mitigate risk and ensure consistency across clusters, based on namespace, labels and more
Styra Policy Stacks allow easy deployment of OPA policy across systems. DevOps teams can create a “stack” of rules and deploy that stack across multiple clusters grouped by common traits like production/staging, namespace, PCI or custom attributes.
Styra Policy Stacks enable teams to monitor groups of related systems as one, to ensure consistency and to easily identify any anomalies early.
Ensure your clusters are secure and compliant, with transparency across teams
Styra DAS provides actionable, graphical views of all admission control policy decisions/mutations, as well as any compliance violations. Dashboards give immediate insights to Security and DevOps teams, and data can be sent to external monitoring systems like Prometheus or SIEM tools.
All historical decisions can be independently searched and replayed through updated policy/rulesets, to prove to both internal and external auditors that controls are in place to meet Kubernetes security and compliance regulations.
Jumpstart deployments and ensure compliance with pre-built packs of relevant policy
Styra Policy Packs eliminate the need to research, identify and implement baseline guardrails/policies. Packs include:
PCI DSS 3.2, MITRE ATT&CK and CIS Benchmarks
OPA Community Best Practices
Kubernetes Pod Security Policies
Accelerate Kubernetes adoption, decrease time spent writing and configuring policies from scratch and reduce delays and risk resulting from human error.
Integrate Styra DAS guardrails into existing GitOps and CI processes and tooling
Styra DAS shifts security and compliance left to notify developers of violations earlier, so they can be fixed sooner—before being committed into production. Security and DevSecOps teams define policies once, and then check compliance at every stage: Development, Build/Test and Production.
Github and CI integrations ensure that Styra DAS stops errors and eliminates rogue deployments early, to help developers spend less time on manual remediation, and instead focus on more differentiated work.
© 2021 Styra. All rights reserved.
