We're launching the Oso MCP server! Connect AI tools to Oso Cloud for policy debugging, testing, and secure, context-aware authorization.

LLMs take action, not just generate text. This post unpacks a high-profile failure and shows why authorization is the key to keeping them in check.

Oso is now on AWS Marketplace and in the ISV Accelerate Program, making it easy for AWS customers to adopt authorization for permissions and access control.

Zanzibar creator Abhishek Parmar shares lessons on scaling authorization at Google and Airbnb—and what teams should know before building their own system.

Secure LLM apps from day one. Learn how to design RAG pipelines with built-in authorization to prevent data leaks and simplify your AI stack.

LLMs have already changed the rules. How do we make sure they don't also ignore them?

Learn how to secure your RAG pipelines using Oso’s new SQLAlchemy integration. Apply fine-grained authorization directly to your database queries—including those using pgvector—without writing custom SQL. Prevent data leaks in LLM apps, simplify permissions, and build safer AI features with Python and SQLAlchemy.

As AI apps like RAG chatbots integrate with Google Drive, Notion, and Jira, one challenge dominates: preventing data leaks. This post explores three architectural approaches to secure AI access with real-world tradeoffs and guidance from Oso engineers.

Learn how we built a step-by-step debugger for Polar, our Datalog-inspired logic language for fine-grained authorization. This post explores coinductive trees, lazy evaluation, and why a TUI made more sense than a GUI for tracing recursive, rule-based decisions.

Introducing Oso Migrate: A TUI that simplifies authorization migrations.

Authorization seems simple until you build it. Learn from 40 common mistakes developers make when tackling one of the toughest problems in software.

Tido Carriero shares career advice for engineers, his 3-pillar framework for fulfillment, and why Oso’s approach to authorization inspired him to become an advisor.

A wake-up call for SaaS: JPMorgan exposes deep security flaws. See how top vendors are rethinking authorization with Oso to win enterprise trust.

A weak password exposed full admin access and sensitive customer data. Learn from this real-world breach before it becomes your own nightmare.

Oso Self-Hosted is now in private beta! Run Oso in your AWS account for full control over authorization infrastructure, data, and compliance.

Is your app's authorization logic holding you back or putting you at risk? Discover 5 critical signs your permissions system is fragile—and how to fix it before it breaks. Learn from real-world examples and best practices from Oso,

Learn why sub-10ms authorization is the new gold standard for enterprise apps. Discover how Oso delivers lightning-fast, scalable permission checks without compromising on flexibility or control.

Discover "A Tour of Polar," Oso’s interactive, point-and-click guide to building authorization policies. Learn RBAC, ReBAC, and ABAC with editable policies and real-time authorization decisions in a fun, hands-on experience.

Learn how to simplify and scale your authorization tests in Oso Cloud using assert variables and the iff operator. Write fewer test cases, validate multiple permissions at once, and ensure your access control policies stay correct as they grow.

Learn how Oso Cloud enables fine-grained access control in microservices using RBAC, ReBAC, ABAC, and Polar—our purpose-built policy language.

Oso Sync ensures your authorization data stays consistent between your app and Oso Cloud by detecting and fixing data drift caused by issues like latency or manual changes. It supports PostgreSQL, MongoDB, and CSVs for other databases, offering both reporting and automatic updates.

Discover how Sensat transformed its authorization system with Oso! Learn how they built fine-grained access control, implemented permission inheritance, and eliminated API code changes—all while streamlining development. Read more!

Use Oso Cloud, OpenAI, and Supabase to build a permissions-aware RAG chatbot, so users only see context from documents they have permission to view.

Join our upcoming O’Reilly SuperStream: Retrieval-Augmented Generation (RAG) in Production.

Duolingo migrated to Oso to simplify authorization and improve developer productivity. Previously, permission changes took hours or even days—now, they take minutes. In this interview, Tom Whittaker, Senior Engineering Manager at Duolingo, shares how Oso helped them focus on core business features instead of workarounds. Watch the full story and explore real-world authorization insights from top engineering teams.