Styra Delivers Comprehensive Policy Bundle Management Ensuring Stronger Software Supply Chain Security

With these new features, Styra solves the complex problem of securely promoting policy bundles across software development pipeline stages

San Francisco, Calif. — October 18, 2022— Styra, Inc., the creators and maintainers of Open Policy Agent (OPA) and leader of cloud-native authorization, today introduced a comprehensive set of policy bundle management capabilities to Styra Declarative Authorization Service (DAS). These new bundle management features are essential for meeting software supply chain security requirements and benefit customers seeking to optimize ever growing IT resource consumption and costs. 

Even with OPA as a proven and stable foundation for organizations to build and consistently enforce policy governing cloud-native apps and infrastructure, organizations managing authorization still face significant challenges. Policy bundles, which include policy code and authorization data, need to be stored, accessed and deployed across the software development pipeline. Without the right policy lifecycle management system, it is extremely difficult and time-consuming to ensure the proper provenance and security of that policy data, as it is promoted from one software pipeline environment to the next. 

To ensure software supply chain security and compliance, Styra DAS now can generate separate policy and data bundles so that each software pipeline environment (e.g. test, staging, and production) has its own policy-impacting data while ensuring that the policy code doesn’t change as it moves from one pipeline stage to the next. In addition, Styra DAS can access and use bundles from external registries, allowing users to work with policy bundles containing sensitive data without requiring those bundles to be stored in the Styra Bundle Registry™.

“Building policy bundles from scratch is often a time consuming and costly venture for any organization, but they’re more critical than ever before in ensuring security and compliance,” says Chris Hendrix, Director of Product Management at Styra. “With Styra DAS policy bundle management, we’re helping organizations optimize their time and spend, ensuring that application developers and platform engineers can focus on what they do best – building innovative applications that drive business results.” 

Styra DAS policy bundle management comprises the following features: 

  • Styra Bundle Promotion: Easily promote policy bundles from one software pipeline environment to the next. This helps teams to satisfy software supply chain security requirements by avoiding alteration of authorization policy as the bundle is promoted from one pipeline stage to the next.
  • Styra Delta Bundles:  Optimize IT resource consumption and infrastructure costs by preserving network bandwidth and compute resources when updating OPAs. This ensures that only changes are sent to the OPA, and that teams update only the latest policy and authorization data instead of the entire bundle. This prevents updated bundles from consuming more network bandwidth, CPU and memory resources, which risks authorization system performance degradation and potentially drives up costs.
     
  • Styra Bundle Registry: Quickly and natively integrate an API and storage layer that tells OPA which bundle to download and where to download it from. The Styra DAS Native Bundle Registry removes the requirement for users to build and implement their own bundle registries from scratch, and allows Platform teams to focus on building and running applications.

To learn more about securing your cloud-native environments and applications with Styra, visit https://www.styra.com/.

About Styra

Styra enables enterprises to define, enforce and monitor policy across their cloud-native environments. With a combination of open source (Open Policy Agent) and commercial products ( Styra Declarative Authorization Service and Styra Run), Styra provides security, operations and compliance guardrails to protect applications, as well as the infrastructure they run on. Styra policy-as-code approach lets developers, DevOps, and security teams mitigate risks, reduce human error and accelerate application development. Learn more at Styra.

Media Contact

Lindsey Harrison

Walker Sands for Styra

lindsey.harrison@walkersands.com

630-730-1808

Cloud native
Authorization

Entitlement Explosion Repair

Join Styra and PACLabs on April 11 for a webinar exploring how organizations are using Policy as Code for smarter Access Control.

Speak with an Engineer

Request time with our team to talk about how you can modernize your access management.