Updated Cerbos Hub, the complete authorization solution for your Identity Fabric

It’s been a big year for Cerbos Hub.

Engineering teams across all industries have been adopting Cerbos, from global utility providers and automobile leaders to fintech scaleups and SaaS startups. Today, hundreds of organizations rely on Cerbos Hub to securely manage their authorization.

Every month, Cerbos processes more than 750 million authorization checks. For many of our customers, Cerbos replaced hard-coded in-house systems and saved over half a million dollars annually in custom authorization development costs.

The latest release makes Cerbos Hub the centralized control plane for every authorization decision across applications, AI agents, services, and workloads. Organizations can now manage authorization for every identity in their system with full visibility, consistent policy enforcement, and alignment with a Zero Trust strategy.

Authorization as your business enabler

Software builders need access logic that supports real-world complexity: scaling tenants, securing MCP servers, and giving enterprise customers the power to define their own roles. It should be easy for developers to make changes, security teams to prove compliance, and engineering leadership to release features faster.

And it should come at a fair price.

After hundreds of customer conversations, we are proud to introduce a major update to Cerbos Hub. This release brings powerful new capabilities and enables new use cases across the entire authorization lifecycle.

Faster policy creation, validation, and management

We always strive to make Cerbos Hub easy to use. Our new features let you manage policies in code and deploy updates quickly without any custom infrastructure. With this update, you can:

• Scale your policies by tenant, team, environment, or use case
  The new Policy Stores let you manage policies by tenant, team, environment, or use case. You can organize each group and control how it is tested, versioned, and deployed. This keeps your rules clean and lets you isolate tenant-specific policy, dynamic roles, or domain-specific logic.

• Manage policies via code and CI
  Create, update, and version policies directly from your backend or internal tools using Cerbos Hub’s API, CLI, or SDKs.

• Test every policy update automatically before it rolls out
  Every policy change is versioned, compiled, validated, and tested to catch issues early and stay production ready.

Plus, Cerbos Hub scales with your needs: unlimited policies, roles (including custom and dynamic), resource types, and tenants. You can model RBAC, ABAC, PBAC, and support runtime, event-time, admin-time, and continuous authorization.

Seamless deployment

Policy deployment should not be a bottleneck. Whether you are working across multiple teams, use cases, or environments, Cerbos Hub makes it easy to bundle, test, and roll out authorization logic securely and automatically. Cerbos Hub now offers enhanced deployment features:

• Multi-source deployments
  Pull policies from different teams, tenants, and tools into a single deployment. Policy Stores give you clean separation between rule sets, making it easy to compose core policies, tenant-specific logic, and runtime updates into one versioned bundle that is automatically validated.

• Flexible policy delivery
  Push policy updates from any Git provider, any CI tool, or via API. There’s no lock-in and no need to change your existing workflows.

• Managed distribution
  Each time you update a policy, Cerbos Hub builds, tests, and deploys it automatically**.** The platform takes care of compiling and coordinating the real-time distribution of updated policies to all connected PDPs, with full version control.

Complete audit trail across all identities

Your security and compliance teams get the clarity they need to enforce least privilege, respond to incidents quickly, and meet SOC 2, ISO 27001, HIPAA, PCI DSS, and GDPR requirements. Compliance capabilities include:

• Full visibility
  Capture every decision and link it to the exact policy version. Cerbos Hub provides a unified audit trail across services, agents, workloads, and tenants, so you always know who accessed what, when, and why.

• Centralized log retention
  Store audit logs for both human and non-human identities in a single place. With our paid plans, you control how long logs are retained to satisfy any regulation.

• Real-time monitoring
  Track policy versioning and authorization activity as it happens. Live monitoring makes debugging faster and incident response smoother.

Audit logs are one of our most loved features. Cerbos Hub gives you the insights you need, exactly when you need them.

Take a look at our “How it works” video to see Cerbos Hub in action.

And if you’d like a technical walkthrough to see how Cerbos Hub fits your workflow, book a workshop with our engineers. We are happy to show you all the Cerbos Hub superpowers 🛠