AI TOOL PROFILE
Cerbos: Enterprise Authorization Software
- Security
- Identity and Access Management
- Software companies
- Enterprise companies
- Security and engineering teams
- Companies building AI-powered applications
Pricing
Cerbos offers a free open-source version. The Development plan starts at $25/month, and Production plans start from $933/month. Custom pricing is available for Enterprise needs.
At a glance
- Best for
- Software companies, Enterprise companies, Security and engineering teams, Companies building AI-powered applications
- Key use cases
- SaaS Multi-tenant Access Control, AI Agent Security, MCP Server Protection, Non-Human Identity (NHI) Authorization, Compliance Support
- Integrations
- GitHub Actions, Git providers, CI/CD tools
- Official website
- Visit cerbos official website

How AI is used
Cerbos is an authorization platform for Zero Trust environments and AI-powered systems. It allows teams to externalize access control logic, managing permissions as policies rather than hard-coding them into application software.
The tool is designed for software companies and enterprise-scale organizations managing complex user roles and non-human identities. It supports authorization models including RBAC, ABAC, and PBAC to help maintain a principle of least privilege.
Beyond standard application permissions, the software supports security for AI agents, RAG pipelines, and MCP servers. It is designed for high performance with decision times under 1 millisecond to help maintain application speed while enforcing security.
Buyers should verify that their technical team is comfortable with a policy-as-code workflow and confirm that the available SDKs for their programming languages meet their architectural requirements.
Key Features
Policy Decision Point (PDP)
An open-source engine that evaluates access requests against defined policies to return authorization decisions.
Cerbos Hub
A central control plane for authoring, testing, versioning, and distributing authorization policies.
Fine-Grained Access Control
Supports RBAC, ABAC, and PBAC models to define permissions based on user attributes and context.
Cerbos Synapse
A data layer that fetches identity and relationship data from external systems to enrich authorization requests.
Multi-Language SDKs
Client libraries for JavaScript, Python, Java, .NET, PHP, Rust, Go, and Ruby.
Audit Logs
Records of authorization decisions to support compliance and visibility.
Use Cases
SaaS Multi-tenant Access Control
Managing isolated environments and per-tenant custom policies for multi-tenant software offerings.
AI Agent Security
Implementing authorization for AI agents and agentic workflows to help prevent over-permissioning.
MCP Server Protection
Applying dynamic authorization and access control for Model Context Protocol (MCP) servers.
Non-Human Identity (NHI) Authorization
Securing access for workloads, services, and API clients.
Compliance Support
Using decision logging to support audits for GDPR, SOC 2, HIPAA, and ISO 27001.
Integrations
- GitHub Actions
- Git providers
- CI/CD tools
FAQ
What is a 'principal' in Cerbos pricing?
- A principal is a unique identity requiring an authorization decision during a month, which can be either a human user or a non-human identity like a bot or service.
Does Cerbos support on-premise deployment?
- Yes, Cerbos supports on-premise, air-gapped, and cloud deployments.
Which authorization models does Cerbos support?
- Cerbos supports Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and Policy-Based Access Control (PBAC).
How does Cerbos handle AI system security?
- It provides contextual access control for AI agents, RAG pipelines, and MCP servers to help manage permissions and prevent shadow access.
Source category: Security
Source subcategory: Identity & Access Management
More tools in Security
Other published listings in the Security category.
More tools in the Identity and Access Management software type
Related listings that share the same software type for comparison and shortlisting.
Browse all Identity and Access Management software type tools
