Styra Adds Compliance Pack and Policy Stack to Declarative Authorization Service
December 03, 2019

Styra is addressing one of the most significant enterprise blockers of Kubernetes: compliance. With Styra, enterprises can move Kubernetes clusters into production en masse while complying with traditional governance, audit, and compliance rules and regulations.

Styra is launching new features for its Kubernetes policy and compliance solution, Declarative Authorization Service (DAS). The DAS enhancements include the first in a series of Compliance Packs, a cohesive set of Kubernetes admission control policies which provide guardrails in compliance with regulatory standards; and Policy Stacks, which allow enterprises to easily manage a uniform set of policies across multiple clusters that perform similar functions (e.g., all production clusters, or all clusters regulated by PCI).

Styra’s commercial Declarative Authorization Service provides a management plane to define and apply context-based guardrails -- built from a graphical policy library -- which mitigate risks, reduce human error, and accelerate development. Styra DAS makes management of distributed OPA deployments possible, facilitates multi-cluster and multi-cloud management, and enables DevOps teams to prove security and compliance both internally and externally.

New Styra Declarative Authorization Service (DAS) Features Summary:

● Styra’s Compliance Packs are groups of policies and best practices that enable security and compliance teams to ensure their Kubernetes environments are in continuous compliance with appropriate regulations or standards. The first pack, released today at KubeCon in San Diego, is for PCI DSS v3.2; it includes ~40 discrete policies across all 12 specified requirements, providing controls for network, config management, data protection and privacy, privilege management, and more. This Compliance Pack provides guardrails for network policy and ingress namespace and pod selectors; enforces auditable and compliant encryption and key management; and enhances role-based access control (RBAC) with consistent and clearly-defined roles and responsibilities.

● New Policy Stacks features for Kubernetes allows users to create and save policy sets (Policy Stacks) and apply them across many clusters, simply and easily. This will enable teams to monitor group of clusters to ensure compliance and identify anomalies early.

“As Kubernetes goes mainstream, modern app environments are being subjected to the same audit and compliance scrutiny that have applied for the last 25 years,” says Sumana Annam, VP Products, Styra. “However, the old black-box approach -- surrounding monolithic apps with siloed, standalone tools -- cannot address the complexity of containerized applications. Styra DAS extends compliance controls directly into Kubernetes so that teams can prove that their app clusters are safe, secure, and compliant with both internal and external regulations.”

Share this

Industry News

August 06, 2020

Push Technology announced the launch of a new Kafka Adapter for their Diffusion Intelligent Data Mesh.

August 06, 2020

Appvia announced the launch of its Cost Prediction and Visibility tool, integrated within the latest version of its Kore platform.

August 06, 2020

LogiGear announced the newest addition to the TestArchitect™ family, TestArchitect Gondola.

August 05, 2020

Logz.io announced a partnership with HashiCorp, a provider in multi-cloud infrastructure automation software.

August 05, 2020

Digitate, a software venture of Tata Consultancy Services, announced the release of ignio™ AI.Assurance, an autonomous assurance product that enables enterprises to deliver better software faster, enhancing their business performance.

August 05, 2020

Harness acquired self-service Continuous Integration firm Drone.io, the creator of the open-source project Drone.

August 04, 2020

Aqua Security announced that its Cloud Native Security Platform is available through Red Hat® Marketplace, an open cloud marketplace that makes it easier to discover and access certified software for container-based environments across the hybrid cloud.

August 04, 2020

Threat Stack announced the availability of Threat Stack Container Security Monitoring for AWS Fargate.

August 04, 2020

OpenLogic by Perforce now provides an enterprise-class alternative to Oracle Java by offering OpenJDK distributions backed by OpenLogic support.

August 03, 2020

MuseDev launched on Github Marketplace the Early Access version of its code analysis platform, Muse, to help developers find and fix critical security, performance, and reliability bugs, efficiently, before they reach QA or production.

August 03, 2020

Styra announced Rego Policy Builder for the Styra Declarative Authorization Service (DAS).

August 03, 2020

Felicis Ventures has invested an additional $5M in Sourcegraph, bringing the total raised to over $46M, including a $23M Series B in March 2020 led by Craft Ventures.

July 30, 2020

New Relic delivered strategic updates to New Relic One.

July 30, 2020

IT Revolution announced the DevOps Enterprise Summit Las Vegas 2020 will be going virtual.

July 30, 2020

Adaptavist announced the acquisition of Go2Group, a US technology firm specializing in Agile and DevOps services and cloud solutions for the enterprise.