The Build Security Developer Hub

Welcome to the Build Security Developer Hub. Here you will find comprehensive guides and documentation to help you work with Build Security as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

About build.security

build.security provides developers with a new approach to simplify the development and management of the organization's authorization policy. Using the build.security control plane, you can easily configure and manage all of the necessary components to integrate the platform with your organization to apply and monitor how you want your users to access your resources.

Policy building in build.security

Developer to Developer, Lightweight, User-Friendly, and Scalable

build.security’s policy engines are lightweight and designed with performance and scalability in mind. The user interface, especially its ability to function as a single point for creating and managing access policies, is both easy-to-use and completely unique. The platform, built by developers for developers, enables lightning-speed application RBAC and ABAC with fine-grained access controls and decoupled logic.

build.security’s authorization policy management platform takes minutes to integrate and deploy. The platform offers a hybrid solution for developers that enables them to run sidecar containers in either their development or production environments, hook them into their application with SDKs or proxy plugins, and immediately get started with a managed cloud offering for authorization management, visibility and reporting.

Leverages OPA and the Power of Open-Sourcing

Leveraging the Open Policy Agent project and the power of open-sourcing, build.security uses API-based data sources to inform enterprise-grade access controls across application portfolios. With build.security, development teams can ensure that their applications meet critical standards and compliance requirements in just a matter of minutes.

External Data Sources in Real-Time

Recognizing that every application must account for its own unique set of authorization rules, build.security offers a catalogue of data source connectors to further shorten development cycles. The platform architecture leverages optional caching mechanisms to avoid performance impact.

build.security allows organizations to bring information from external data sources to the policy engine in real-time. Current external data-source integrations include PostgreSQL, Elasticsearch, and DynamoDB. Additional integrations are already planned for ticketing systems such as JIRA and ServiceNow, and source code repositories such as git and Bitbucket, and more. This means that developers can now leverage information from all the above-mentioned data sources in their policy decisions with just a few clicks.

Data sources

Key Features

The platform’s key features include:

  • A unified "single pane of glass" approach that enables developers to easily author, evaluate, distribute and monitor policies at scale.
  • Policy-as-code, allowing developers to express authorization policies with a no-code policy building process or through a low-code declarative language.
  • Seamless integrations with identity providers, databases and other API-based services.
  • Automatic policy suggestions based on runtime interactions between services.
  • Pre-defined, common rules built into the platform enables quick customization and implementation of organization's authorization policy.
  • Lightweight and performance-optimized hybrid cloud / on-prem architecture.
  • Detailed decision logs table enables you to view all decisions made by the Policy Decision Points PDP managed in the project.
  • Log shipping integration enables you to easily send decision log backups from the control plane to one or more databases within your organization.

Updated 12 days ago


About build.security


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.