Security News > 2022 > October > How Oso’s security-as-code approach to authorization might change how you think about security
How Oso's security-as-code approach to authorization might change how you think about security.
Oso, which just announced today the general availability of Oso Cloud, offers an open source policy engine for authorization that represents security as code so developers can express security as a natural extension of their applications.
While nothing about authorization is easy, it's also true that everything about authorization is important, even if authorization doesn't tend to be core to any particular person's job.
What does work, Neray continued, is to think of authorization as composed of three core abstractions - logic, data and enforcement - and "Once you understand how each of them works, you can build structured solutions that let you bend authorization to your will."
In a similar manner, in Oso you put your authorization data in a standard format, write arbitrarily simple or complex authorization logic, and then can ask any question you want.
Also See Share: How Oso's security-as-code approach to authorization might change how you think about security.