Cerbos is taking a self-hosted, open source approach to the problem of user permissions, one that works across languages and frameworks and, most importantly, one that allows enterprises complete visibility into how their data is handled.
Cerbos said today that it has acquired $3.5 million in a seed round of funding headed by London-based VC company Crane to help build out its staff and develop a commercial product on top of the open source platform.
Cerbos is most often used in conjunction with one of the various identity authentication solutions available, such as Google Firebase, Microsoft Active Directory (AD), Auth0, and WorkOS. Following verification, there are solutions such as Open Policy Agent, Casbin, and CanCanCan for authorising identification and applying certain rights, but they are “more limited,” according to Baran.
“There are many libraries and frameworks that developers can take, and build into their product for authorization,” he said. “However, they are all focused on specific programming languages or frameworks and usually implement authorization for a single, monolithic application and don’t cater for the business users to define permissions in a human-readable way.”