oso makes authorization easy for developers and transparent for security.

Product

Express your policy as code in a single place, making it easy to write, test, debug and audit even the most complex authorization logic.

noun_programming_2834206%201_edited.png

POLICY AS CODE

Use a structured interface for expressing authorization with extensible building blocks, while keeping the flexibility to define whatever logic you need for your use case.

noun_visualization_783156 1.png

VISUALIZE

Explore the users, endpoints and every other element of your policy visually to reason about complex relationships, inform design decisions, and debug issues.

noun_Test%2520Tube_2209565%25201_edited_

TEST & REVIEW

Write tests over your policy using frameworks like pytest or JUnit, and incorporate it into your security review process.

noun_test_1221418%201_edited.png

AUDIT

Get an audit trail of every request and permission change in your application, including output showing why requests were authorized or rejected.

 

Use Cases

Roles & Permissions

Add roles, groups, attributes, and user-configurable permissions to support the enterprise-grade features your customers ask for.

Custom Policies

Give your customers the ability to write custom rules and policies for your application – like your own version of AWS IAM.

Internal Apps

Provide fine-grained controls for your support and sales teams accessing customer data to meet compliance requirements and ensure a least-privilege security posture.

 

Who oso is for

  • Development teams that devote roadmap to building and maintaining access control schemes, debugging authorization issues, and scaling authorization across multiple services.

  • Security teams that want guardrails, visibility and auditing for access control without impacting developer velocity.

 

Get Early Access

©2020 Oso Security, Inc.