Leveraging the widely used open source project “Open Policy Agent“, build.security’s platform empowers developers to build runtime access controls for their applications, bringing identity and resource attributes into the policy evaluation phase, in runtime.
build.security’s platform is designed to make it easy for developers to build various data-driven use-cases such as API authorization, function level authorization, RBAC, ABAC and more. Real life authorization models get more and more complex as business grows, and claims, JWT tokens and OAuth scopes cannot always solve it all.
Our OPA-based Policy Decision Point (also known as PDP) is designed to be installed in the customer’s environment, serving as a decoupled policy engine for various use cases. It integrates with a wide variety of Policy Enforcement Points (also known as PEP). build.security’s PDP is written in Go language, wrapping OPA’s Go library. It is stateless, and commonly installed as a sidecar to the application that uses it. Example applications can include proxies such as Nginx / Envoy, monolith applications, Docker’s authorization plugin, K8S admission control, service mesh solutions, Kafka streams and any other custom application.