Updated Cerbos Hub: Scalable Non-Human Identity permission management, Secure authorization for MCP servers

Hey everyone! Please check out our announcement here: https://www.cerbos.dev/blog/four-new-use-cases-in-updated-cerbos-hub

Cerbos, the enterprise-grade authorization solution, today announced a major update to Cerbos Hub, establishing it as the centralized control plane for every authorization decision across applications, AI agents, services, and workloads. The updated solution enables organizations to manage authorization for every identity in their system with full visibility, consistent policy enforcement, and alignment with Zero Trust strategy.

Processing more than 750 million authorization checks monthly, Cerbos serves over 500 organizations, from finance and healthcare to SaaS. For many customers, Cerbos has replaced hard-coded in-house systems, saving over half a million dollars annually in custom authorization development costs.

"Software builders need access logic that supports real world complexity: scaling tenants, securing MCP servers, and giving enterprise customers the power to define their own roles," said Emre Baran, Co-Founder and CEO at Cerbos. "It should be easy for developers to make changes, security teams to prove compliance, and engineering leadership to release features faster. And it should come at a fair price."

Four Critical Business Use Cases Addressed

This release targets four critical and distinct enterprise failure points the Cerbos team has observed, while working closely with hundreds of security and IAM leaders.

1. Fine-grained, tenant specific authorization. Enables SaaS companies to let customers define their own roles and rules without hardcoding customizations, with tenant-isolated policy storage and real time updates within platform defined guardrails.
2. Dynamic policy management at scale. Automates the full lifecycle of authorization policies with programmatic creation, updates, and deployment to save engineering hours and accelerate releases.
3. Scalable Non-Human Identity permission management. Provides centralized, policy-based authorization for microservices, workloads, and AI agents, implementing least privilege by default and maintaining unified audit trails for all human and non-human access decisions.
4. Secure authorization for MCP servers. Controls which AI agents can access which Model Context Protocol tools using context-aware policies evaluated per agent, per tool, and per session, with full audit context for compliance and debugging.

Comprehensive Authorization Capabilities

The updated Cerbos Hub delivers powerful new capabilities across the entire authorization lifecycle, transforming access control into a strategic business enabler. Organizations can:

• Create, update, and deploy permission policies programmatically.
• Scale policies by tenant, team, environment, or use case.
• Push and deploy policy updates from any Git provider, CI tool, or API, with real-time distribution and built-in testing.
• Achieve enterprise-grade compliance through a complete audit trail of every access decision across all identities, tenants, and apps, with full audit context.

About Cerbos

Cerbos Hub is the enterprise-grade, externalized authorization solution for building secure and scalable software. Cerbos makes authorization simple for developers, engineering and product teams, and provides the control and visibility required by security teams. Powering over 500 organizations, from high-growth startups to public companies, Cerbos Hub is the authorization solution for modern applications, AI agents, and infrastructure. 

The company is committed to advancing authorization standards through active participation in industry working groups and open-source initiatives. Cerbos is a globally distributed company. For more information or to request a product briefing, visit cerbos.dev.