Application Security

Styra & Kong to Secure Modern Applications

Styra & Kong

Companies behind two leading open source projects advance common vision with technology integration to tightly control traffic flow to, from and between microservices

Styra, Inc., the founders of Open Policy Agent (OPA) and leaders in cloud-native authorization, today announced a new partnership with Kong Inc., the cloud connectivity company and the creators of Kuma. The two organizations are aligned on a common vision to secure modern cloud-native applications with dynamic, policy-enabled traffic control for microservices. Styra Declarative Authorization Service (DAS) is now integrated with Kong Mesh, an enterprise-grade service mesh built on top of open source Kuma, so security and operations teams can more easily meet internal and external regulations. Styra DAS and Kong Mesh together give teams granular control over traffic flow, and the real-time monitoring and historical audit records required to secure services and prove compliance.

Today, many organizations are moving from monolithic applications to microservices-based applications to accelerate innovation. However, digital transformation journeys come with challenges, and the transition to microservices is no different. Teams need to ensure that services are connected reliably with minimal latency, while also preventing unauthorized access and minimizing risk of data breach. Organizations can leverage OPA and Kong Mesh as open source options to manage traffic flow between services, but these solutions require teams to design and deploy integrations themselves and lack a framework for management, monitoring or collaboration.

Styra and Kong now offer a turnkey solution for deploying OPA and Kuma that delivers the service proxies and policy-as-code controls needed to establish or deny traffic to, from or between individual microservices and apps. With the new integration of Styra DAS and Kong Mesh, individuals have the collaboration tools and visibility required to manage policy-enabled traffic control at scale. Styra DAS and Kong Mesh enable IT, Security, and Governance, Risk Management and Compliance (GRC) teams to:

  • Reduce operational overhead with automated policy-as-code based control of multiple service meshes.
  • Govern, monitor and audit traffic flow and policy decisions for real-time verification of performance and risk.
  • Increase application reliability with policy-based traffic management.
  • Manage microservices policy lifecycle from initial authoring all the way through deployment and monitoring.
  • Rapidly implement leading open-source solutions OPA and Kuma at global scale.

“When teams embrace a microservice architecture, they need to manage what those services can do. Styra and Kong both believe that microservices are the future of application development, and that controlling those services is critical to both performance and security,” said Tim Hinrichs, co-founder and chief technology officer of Styra. “This partnership makes perfect sense—since Kong’s API gateway and service mesh solutions provide the modern network control points for APIs and microservices, and Styra solutions provide the authorization policy to control how and when those APIs are called.”

Styra and Kong enable seamless authorization policy enforcement

Through this partnership, Styra and Kong are responding to their customers’ evolving needs. The combination tightly controls traffic between services, based on dynamic context, to prevent unauthorized access and limit the risk of data exfiltration. Additionally, customers also architect traffic flow to ensure application components work together appropriately so end users have the correct level of access based on their level of privilege within the app.

Styra DAS and Kong Mesh give teams the tooling required to govern, monitor and audit traffic flow and policy decisions across all API-based traffic control points using a single management plane for OPA and Kuma. This empowers disparate development teams to unify best-of-breed open source solutions from Styra and Kong, as well as to break down silos and innovate faster, with less overhead or custom tooling.

“At Kong, our aim is to ensure that companies’ connectivity across APIs, hybrid and multi-cloud environments is reliable and runs seamlessly as their use of cloud-native applications increases,” said Marco Palladino, CTO and co-founder of Kong Inc. “We are excited to work with Styra to advance policy scalability across our solutions, ensure that traffic flow is governed by policy, and meet the needs of developers and security teams alike.”

For more such updates and perspectives around Digital Innovation, IoT, Data Infrastructure, AI & Cybersecurity, go to AI-Techpark.com.

Related posts

Akamai named as a Leader for Web Application and API Protection

PR Newswire

Cybersecurity Leader Trend Micro Launches First SecOps Solution

PR Newswire

Application Security Provider Data Theorem Earns Security Award

Business Wire