Styra Adds Compliance Pack and Policy Stack to Declarative Authorization Service
December 03, 2019

Styra is addressing one of the most significant enterprise blockers of Kubernetes: compliance. With Styra, enterprises can move Kubernetes clusters into production en masse while complying with traditional governance, audit, and compliance rules and regulations.

Styra is launching new features for its Kubernetes policy and compliance solution, Declarative Authorization Service (DAS). The DAS enhancements include the first in a series of Compliance Packs, a cohesive set of Kubernetes admission control policies which provide guardrails in compliance with regulatory standards; and Policy Stacks, which allow enterprises to easily manage a uniform set of policies across multiple clusters that perform similar functions (e.g., all production clusters, or all clusters regulated by PCI).

Styra’s commercial Declarative Authorization Service provides a management plane to define and apply context-based guardrails -- built from a graphical policy library -- which mitigate risks, reduce human error, and accelerate development. Styra DAS makes management of distributed OPA deployments possible, facilitates multi-cluster and multi-cloud management, and enables DevOps teams to prove security and compliance both internally and externally.

New Styra Declarative Authorization Service (DAS) Features Summary:

● Styra’s Compliance Packs are groups of policies and best practices that enable security and compliance teams to ensure their Kubernetes environments are in continuous compliance with appropriate regulations or standards. The first pack, released today at KubeCon in San Diego, is for PCI DSS v3.2; it includes ~40 discrete policies across all 12 specified requirements, providing controls for network, config management, data protection and privacy, privilege management, and more. This Compliance Pack provides guardrails for network policy and ingress namespace and pod selectors; enforces auditable and compliant encryption and key management; and enhances role-based access control (RBAC) with consistent and clearly-defined roles and responsibilities.

● New Policy Stacks features for Kubernetes allows users to create and save policy sets (Policy Stacks) and apply them across many clusters, simply and easily. This will enable teams to monitor group of clusters to ensure compliance and identify anomalies early.

“As Kubernetes goes mainstream, modern app environments are being subjected to the same audit and compliance scrutiny that have applied for the last 25 years,” says Sumana Annam, VP Products, Styra. “However, the old black-box approach -- surrounding monolithic apps with siloed, standalone tools -- cannot address the complexity of containerized applications. Styra DAS extends compliance controls directly into Kubernetes so that teams can prove that their app clusters are safe, secure, and compliant with both internal and external regulations.”

Share this

Industry News

January 20, 2021

Hitachi Vantara announced the availability of Hitachi Kubernetes Service, enabling customers to consistently and securely deploy, manage, monitor, and govern Kubernetes clusters across major cloud providers and on premises.

January 20, 2021

Internal announced the launch of an enterprise-ready app development platform for internal tools.

January 20, 2021

StackPulse announced a $20 million Series A led by GGV Capital.

January 19, 2021

GitLab announced GitLab Ultimate for IBM Cloud Paks, which is designed to help streamline team collaboration and increase team productivity with a comprehensive, easy-to-use DevOps platform.

January 19, 2021

Fugue announced new capabilities for bringing public cloud container resources into compliance and ensuring the continuous security of container runtime configurations.

January 19, 2021

Rookout announced new functionality that empowers software developers to debug other people’s code.

January 14, 2021

Oracle is making its popular APEX low-code development platform available as a managed cloud service that developers can use to build data-driven enterprise applications quickly and easily.

January 14, 2021

Parasoft announced its C/C++test update to support IAR Systems' build tools for Linux for Arm.

January 14, 2021

Harness raised $115 million in financing, reaching a valuation of $1.7 billion in just three years after launching from stealth.

January 13, 2021

Slim.ai launched with its cloud-based DevOps automation platform built specifically for software developers.

January 13, 2021

WhiteSource announced new WhiteSource Advise support for JetBrains' PyCharm and WebStorm integrated development environments (IDEs).

January 12, 2021

Red Hat has added new features to Red Hat Runtimes.

January 11, 2021

KubeSphere announced its expanded relationship with AWS to offer KubeSphere as an AWS Quick Start.

January 07, 2021

Red Hat announced its intent to acquire StackRox

January 07, 2021

Cigniti Technologies announced a partnership with Sonatype to help enterprise customers innovate faster and easily mitigate security risk inherent in open source.