惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Y
Y Combinator Blog
博客园 - 司徒正美
TaoSecurity Blog
TaoSecurity Blog
Martin Fowler
Martin Fowler
T
Threat Research - Cisco Blogs
Blog — PlanetScale
Blog — PlanetScale
S
Secure Thoughts
博客园 - 三生石上(FineUI控件)
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
K
Kaspersky official blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Cisco Talos Blog
Cisco Talos Blog
H
Help Net Security
博客园 - 叶小钗
爱范儿
爱范儿
GbyAI
GbyAI
I
Intezer
M
MIT News - Artificial intelligence
Latest news
Latest news
Schneier on Security
Schneier on Security
T
Tor Project blog
Simon Willison's Weblog
Simon Willison's Weblog
I
InfoQ
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
C
CXSECURITY Database RSS Feed - CXSecurity.com
罗磊的独立博客
N
News and Events Feed by Topic
T
The Blog of Author Tim Ferriss
V2EX - 技术
V2EX - 技术
B
Blog
T
Tailwind CSS Blog
N
Netflix TechBlog - Medium
Security Latest
Security Latest
V
V2EX
F
Fortinet All Blogs
Forbes - Security
Forbes - Security
Application and Cybersecurity Blog
Application and Cybersecurity Blog
The Hacker News
The Hacker News
Scott Helme
Scott Helme
P
Privacy International News Feed
P
Palo Alto Networks Blog
H
Heimdal Security Blog
C
Cisco Blogs
T
The Exploit Database - CXSecurity.com
博客园 - Franky
酷 壳 – CoolShell
酷 壳 – CoolShell
G
Google Developers Blog
W
WeLiveSecurity
L
LINUX DO - 最新话题

Cerbos - All Posts

Authentik vs Keycloak: Self-hosted IdP comparison Mapping business requirements to authorization policy for automotive Fine-grained authorization for AI gateways EIC 2026: Stop counting agents, protect what they can touch Agent skill for writing authorization policies in Claude Desktop Identity security in 2026 EIC 2026 takeaways: the identity stack built for humans will not hold up for AI agents Already have authentication? Here's the authorization layer you still need. Tokens are authorization decisions: a guide to policy-driven token issuance What is a Runtime Authorization Platform It's a dimmer switch, not a kill switch. How CISOs are rethinking AI agent governance From maps to bitmaps (and from bitmaps to bitmaps) AuthZEN, Shared Signals, SCIM Events, IPSIE: Notes from the OpenID Enterprise Panel How do you update authorization policies without redeploying your application? IIW42 recap: Where agent authorization got real Cerbos PDP v0.52.0/v0.53.0: Engine performance, security hardening, and CEL path functions Authorization Management Platforms: what they do, how they work, and where they fit PocketOS AI coding agent deleted a production database in 9 seconds Non-Human Identity management still has a blind spot Supabase alternative in 2026: Best open source auth options Benefits of on-premise authorization: Why enterprises are moving toward self-hosted Authorization policies: How to write, test, and validate them (faster with AI) Agent skill for writing authorization policies How much does it cost to build authorization in-house? Why centralized authorization governance reduces incident response time OPA alternative Why AI agents make authorization a right now problem Modernizing legacy application authorization: why it’s your biggest security blind spot How to add authorization to legacy applications without code changes 5 authorization blind spots auditors find, and how to fix them Row-level security for Apache Trino, powered by Cerbos Synapse Top 9 Identity & Access Management (IAM) Tools for 2026 Authelia vs Authentik in 2026: Which self-hosted IdP should you choose Can non-engineers manage authorization policies with Cerbos? Governing AI coding agents with Cerbos Synapse Your AI coding agents need guardrails. Not the kind you think From open-source policy engine to enterprise authorization management platform Mapping business requirements to authorization policy for utilities Introducing Cerbos Synapse: unified authorization context and enforcement across your stack The CISO’s guide to implementing Zero Trust: Making adaptive access control work in practice Automating IAM for compliance, security, and business agility Authorization became the main character at Gartner IAM London How does Cerbos help with compliance audits and certifications? Overcoming IAM blind spots and fragmentation for continuous governance How long does it take to implement Cerbos in production? The four pillars of access control in banking When breach becomes personal. CISOs, identity failures and the road to continuous governance Policy as Code with Azure API Management and Cerbos AI is turning weak permission management into systemic banking risk Query plan adapter for Elasticsearch (Java) Query plan adapter for Drizzle ORM 10 fintech security tools to build a compliant and resilient security stack Fine-grained authorization for AI agents with Cerbos and Aperture by Tailscale Query plan adapter for LangChain.js and ChromaDB Fintech security architectures: where they break and why MCP authorization: Securing Model Context Protocol servers with fine-grained access control Cerbos PDP v0.51.0: Policy lifecycle management, audit enhancements, and scopes Query plan adapter for Convex Best open source auth tools & auth software for enterprises [2026] Cerbos Hub Playground: Recent updates Announcing ePDP Rules: Fine-grained control for embedded policy bundles Mapping business requirements to authorization policy for aviation A shared authorization layer that adapts to context What is authorization as a service? Framework for evaluating authorization providers and solutions Cerbos Hub is now available on-premise Authorization as a continuously governed control Year in review: 2025 When authorization is static, risk accumulates silently OpenID AuthZEN is official, and Cerbos is ready MCP and Zero Trust: Securing AI agents with identity and policy 10 critical challenges CISOs face in 2026 and how to solve them AI Security Platforms (AISP): What they are, why they matter, and how they work Cerbos PDP v0.50.0: Stricter CEL, more predictable scope plans, and faster evaluation Cerbos PDP and Cerbos Hub: Choosing the right setup for your team Gartner IAM Summit 2025: Authorization maturity, AuthZEN momentum, and why identity security is expanding to every workload Zero Trust in cybersecurity - how it works Secure RAG: Implement LLM Access Control with Cerbos Cerbos PDP v0.48: OpenID AuthZEN support, improved query plans, faster bundle loading Key compliance regulations for non-human identities How to implement scalable multitenant authorization Key takeaways from Workload Identity Day 0 at KubeCon What is Cerbos? Cerbos vs. OPA Mongoose adapter for Cerbos Query Plans v2.0 Staying compliant - What you need to know Migrating from OPA and Rego to Cerbos Broken access control still tops the list: OWASP top 10 2025 Platform engineering leaders are racing to enable AI safely - takeaways from KubeCon NA 2025 AuthZEN: Standards-based authorization for enterprises What ISC2 congress 2025 made clear about modern compliance Automate Cerbos policy uploads with the cerbos-store-action GitHub Action Mapping business requirements to authorization policy in HR systems Mapping business requirements to authorization policy for insurance Run Cerbos natively inside AWS Lambda Cerbos PDP v0.47.0: AWS Lambda support, Git-aware Hub uploads, and smarter schema diagnostics What is authorization? Types, examples and definitions Building your own authorization solution vs. buying an off-the-shelf one Zero trust has reached operational reality Modern application architecture trends: AI, microservices, and pragmatic security
How to secure microservices without creating a distributed nightmare
Anna Paykina · 2026-06-14 · via Cerbos - All Posts

When your application is a monolith, security is relatively straightforward. Authentication happens in one place. Authorization logic lives in the same codebase. Network boundaries are clear. Then you decompose into microservices and suddenly every service is an attack surface, every service-to-service call needs to be authenticated and authorized, and every team is implementing security slightly differently.

The flexibility that makes microservices valuable is exactly what makes them harder to secure. If your security isn't enhanced to deal with these new vulnerabilities, your system is more exposed than it was as a monolith.

I've watched teams go through this transition dozens of times, and the pattern is consistent. They focus on getting the decomposition right, on data management, on communication patterns, and security becomes an afterthought. Then they spend the next two years cleaning up the mess.

Here's how to avoid that.

Where the vulnerabilities actually are

vulnerabilities microservices monoliths.png

Before you can secure a microservices architecture, you need to understand where it's vulnerable. The OWASP Microservices Security Cheat Sheet is a good starting point, but there are four areas that consistently trip teams up in practice.

Decentralized security logic is the most common problem. In a monolith, all security-related logic resides in the same project and codebase. In a microservices context, you have to replicate and tailor your security system to each service. When different teams implement security differently, with different levels of rigor, the weakest link becomes the entry point for an attacker. If even one team is inconsistent in their implementation of security policies and controls, it creates a vulnerability that can be used to access the whole system.

Token propagation introduces its own risks. Token-based authentication is the standard approach for microservices, but tokens are passed between services across different databases and security systems, making them more susceptible to interception and misuse. Without proper safeguards, a compromised token gives an attacker authenticated access to downstream services that trust it.

Excessive trust between services is the zero trust gap. Many teams assume that internal service-to-service calls are inherently safe because they're behind the network perimeter. They're not. If an attacker compromises a single service, implicit trust lets them move laterally across your entire system.

Misconfigured containers and network policies round out the picture. Container orchestration adds its own security surface, and centralized logging gaps make attacks harder to detect after the fact.

Five layers of microservices security

Securing microservices isn't a single solution. It's a set of overlapping layers that each address a different part of the problem. Get one wrong and the others can't fully compensate.

Authentication and authorization

Authentication verifies identity. Authorization determines what that identity is allowed to do. These are different concerns, and in microservices they need to be handled at different levels.

For authentication, token-based mechanisms like JSON Web Tokens (JWT) and OAuth 2.0 are the standard. After a user or service is successfully authenticated, the system issues a token containing identity and permissions data. This token is included in every subsequent request, allowing the receiving service to verify the caller's identity at each step.

Authorization is where most teams struggle. In a monolith, a single authorization check can gate access across the entire application. In microservices, each service needs to make its own authorization decisions, and those decisions need to be consistent. If your payments service enforces one set of access rules and your user service enforces another, you've got a gap.

This is where centralizing authorization logic matters. Rather than scattering if statements across every service, you define access policies in one place and evaluate them at runtime. Every service asks the same policy engine the same question, and gets a consistent answer.

Secure communication with TLS and mTLS

key features of a service mesh.png

Microservices rely heavily on communication across servers and storage types, so secure communication channels are essential. Transport Layer Security (TLS) encrypts the communication channel to protect data from eavesdropping and tampering. Mutual TLS (mTLS) adds an additional layer by requiring both the client and the server to authenticate each other.

Used together, they maximize security for service-to-service communication. TLS ensures nobody can read the data in transit. mTLS ensures both sides of the conversation are who they claim to be.

API gateway as a security boundary

An API gateway acts as a single access point for external clients, limiting the routes into the system to give you more control over your traffic. Beyond routing, an API gateway can handle authentication, validate tokens, control access, and provide rate limiting. It can also act as a reverse proxy, hiding the internal microservices architecture from external callers.

Tools like Kong, Apigee, and Amazon API Gateway can all serve this function. The key is that the gateway becomes your first line of defense, handling the security concerns that apply to all inbound traffic before requests reach individual services.

Zero Trust security

Zero Trust is a security framework based on the principle of never trust, always verify. Defined formally in NIST SP 800-207, it assumes no implicit trust for any entity, whether inside or outside the network. Every request requires authentication and authorization regardless of where it originates.

When users and services are authenticated, access is only granted based on the principle of least privilege. Users and services only get the permissions they need to perform their tasks. This minimizes the blast radius of a potential breach.

You can implement Zero Trust using mutual TLS for authentication, then layer in fine-grained authorization for the access control decisions. Workload identity frameworks like SPIFFE provide cryptographic identities for services, eliminating reliance on network location as a trust signal. The combination of verifiable identity at the transport layer and policy-based authorization at the application layer gives you defense in depth.

Consistent policy enforcement across services

The hardest part of microservices security isn't implementing any single control. It's keeping them consistent across all your services.

When different teams build different services, each with their own approach to access control, inconsistencies creep in. A central policy store with version-controlled authorization policies deployed uniformly across services solves this. Shared enforcement through common libraries or sidecar proxies ensures that every service applies the same rules. And automated testing that verifies endpoint restrictions across all services catches regressions before they reach production.

How Netflix secured their microservices

When Netflix decomposed their monolith, ensuring continued security was essential. Their approach is worth studying because they addressed every layer systematically.

They embraced a Zero Trust model, enforcing the principle of least privilege at the microservice level with role-based access control. Each user and service was assigned specific roles, and access to resources was granted based on those roles.

For authentication, Netflix moved identity verification to the edge of their network. As described in their Edge Authentication and Token-Agnostic Identity Propagation engineering blog post, they centralized authentication into a set of services running inside their API gateway. This edge authentication system processes incoming tokens, verifies identity, and generates an internal identity object called "Passport" that propagates through downstream services. By centralizing authentication at the edge, they eliminated the need for individual services to understand the complexity of different authentication protocols.

Netflix also built Zuul, an open source API gateway that creates a single entry point for all client requests. Zuul handles authentication, rate limiting, and access control, as well as request routing and load balancing. The edge authentication system runs as a series of filters within Zuul, inspecting tokens on every inbound request.

They secured communication channels with both TLS and mTLS, ensuring data integrity and mutual authentication for all service-to-service calls. And they developed Security Monkey (which has since been retired), an automated monitoring tool that continuously assessed the security posture of their infrastructure, identifying misconfigurations and policy violations before they became problems.

Where Cerbos fits in

Cerbos addresses the authorization layer specifically. It acts as a centralized policy decision point that every service can call to get consistent, fine-grained access control decisions.

Here's a policy from our Zero Trust for microservices guide that controls what a service can access based on its workload identity.

apiVersion: api.cerbos.dev/v1
resourcePolicy:
  version: "default"
  resource: "review"
  rules:
    - actions: ["read"]
      effect: EFFECT_ALLOW
      roles:
        - "employee-service"

This is a simple example, but the pattern scales. You can layer in attribute-based conditions so that access decisions consider context like department, environment, or the relationship between the caller and the resource being accessed.

For on-behalf-of scenarios, where one service is acting on behalf of a user via an act claim, Cerbos can evaluate both the service identity and the user identity in the same policy check.

apiVersion: api.cerbos.dev/v1
resourcePolicy:
  version: "default"
  resource: "review"
  rules:
    - actions: ["read"]
      effect: EFFECT_ALLOW
      derivedRoles:
        - manager_in_department
      condition:
        match:
          expr: "request.principal.attr.act.user.attr.department == request.resource.attr.department"
    - actions: ["read"]
      effect: EFFECT_ALLOW
      derivedRoles:
        - hr_user

The policies are YAML-based and version-controlled alongside your code. They're evaluated at runtime with sub-millisecond latency, and every decision is logged for audit. This means you get consistent authorization across all your services, regardless of which team built them or what language they're written in.

Getting started

Securing microservices well means addressing all five layers, not just the one that feels most urgent. Authentication, authorization, secure communication, API gateway controls, and Zero Trust principles each solve a different part of the problem.

If you're in the middle of a monolith-to-microservices migration or looking to tighten security on an existing architecture, here are two places to go deeper:

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。