Press release

Styra Further Commits to Safeguarding Customer Data With SOC 2 Attestation

Sponsored by Businesswire

Styra, Inc., the founders of Open Policy Agent and leaders in cloud-native authorization, today announced that it has successfully completed the Service Organization Control (SOC) 2 Type I audit for the Styra Declarative Authorization Service (DAS). The audit was conducted by A-LIGN ASSURANCE, an independent auditing firm, in accordance with the American Institute of Certified Public Accountants practices. The SOC 2 audit addresses controls relevant to security, availability and processing integrity of the systems the service organization uses to process users’ data, and the confidentiality and privacy of the information these systems process.

“Styra has reinvented authorization solutions to mitigate customer risk, and this SOC 2 attestation reinforces our commitment to trust and transparency in safeguarding customers’ data,” said Bill Mann, chief executive officer, Styra. “Achieving this attestation is critical as we continue to build out our vision of ‘policy-as-code’ guardrails to protect both cloud-native applications and the software-defined infrastructure they run upon.”

With Styra, enterprises define, enforce and continually monitor security, compliance and operational policies across the cloud-native application stack. Styra DAS is a sophisticated management plane that provides context-based guardrails—built from a graphical policy library—to mitigate risk, reduce human error and accelerate development. Styra makes it possible for enterprises to implement policy-as-code controls and to prove their effectiveness to both internal and external security and compliance audiences.

Service Organization Control (SOC) 2

These audit reports provide a level of detail sufficient to address the user’s vendor risk management needs and are restricted to specified parties with sufficient knowledge and understanding of the service organization’s system and the nature of services it provides. The Styra SOC 2 audit report is available upon request.


About Styra

Styra enables enterprises to define, enforce and monitor policy across their Kubernetes environments. With a combination of open source (Open Policy Agent) and commercial solutions (Declarative Authorization Service), Styra provides security, operations and compliance guardrails to protect applications, as well as the infrastructure they run on. Styra policy-as-code solutions let developers, DevOps and security teams mitigate risks, reduce human error and accelerate application development. Learn more at