AuthZed Blog

OWASP is set to release their first Top 10 update since 2021, and this year’s list is one of the most awaited because of the generational shift that is AI. The security landscape has fundamentally shifted thanks to AI being embedded in production systems across enterprises from RAG pipelines to autonomous agents. I thought it would be a fun little exercise to look at CVE data from 2022-2025 and make predictions on what the top 5 in the updates list would look like. Read on to find out what I found.

AI agents promise to revolutionize enterprise operations, but without proper access controls, they risk exposing sensitive data to unauthorized users. Learn how AuthZed's Authorization Infrastructure for AI prevents data leaks while supporting millions of authorization checks per second. Watch our live demo on implementing AI-aware permissions systems.

AuthZed is turning five years old! Join us Wednesday, August 20th for our Authorization Infrastructure Event, where we're bringing together industry experts and sharing exciting new product developments plus experimental work from our lab.

AuthZed CEO Jake Moshenko shares his experience coding with AI.

AuthZed Cloud is coming soon, expanding beyond enterprise-only solutions to offer self-service authorization infrastructure for companies of all sizes. Join our waitlist to be first in line when we launch this game-changing platform.

Gain instant visibility into your authorization layer with AuthZed’s new Datadog integration. Stream SpiceDB metrics—latency, cache efficiency, datastore performance, and more—into the dashboards you already trust, so you can correlate events across your stack and troubleshoot faster without extra tooling.

AuthZed provides permissions systems that help secure and improve your RAG and agentic AI systems

Announcing the AuthZed Cloud API in Tech Preview—an API for managing AuthZed Dedicated Cloud infrastructure. Following the cloud computing pattern of lifecycle management APIs, this new tool allows you to manage permissions systems and restrict API-level access to SpiceDB within your authorization infrastructure.

AuthZed tackles broken access control through innovative authorization infrastructure. After launching open-source SpiceDB in 2021, they created AuthZed Dedicated Cloud—offering enterprises the security benefits of private clouds with public cloud convenience. This middle-ground solution provides isolated authorization data processing with dedicated resources, perfect for regulated industries requiring enhanced security.

How ARM helps AuthZed build and operate authorization infrastructure, from day-to-day productivity gains to cost-effective, performant cloud compute.

Zed CLI provides seamless interaction with SpiceDB clusters, allowing you to manage schemas, relationships, and permissions checks. Our v0.30.2 release adds composable schema support, automatic retries, backup functionality, and upcoming Windows package integration via Chocolatey.

Watch AuthZed CPO Jimmy Zelinskie and Upgrade's Pierre-Alexandre Lacerte discuss modern authorization challenges, relationship-based access control, and why companies shouldn't build their own authorization systems in this insightful KubeCon Europe 2025 interview with Techstrong.

Meet Dibs the Muad'dib, SpiceDB's new mascot that embodies our commitment to resilience, adaptability, and precision in solving complex authorization challenges. Drawing inspiration from Frank Herbert's Dune universe, this vigilant desert creature symbolizes how SpiceDB navigates the harsh terrain of modern access control with efficiency and intelligence.

We are excited to announce that as of the SpiceDB 1.40 release, users now have access to a new experimental feature: Relationship Expiration. When writing relationships, requests can now include an optional expiration time, after which a relationship will be treated as removed, and eventually automatically cleaned up.

Today we are announcing the experimental release of Relationship Expiration, which is a straightforward, secure, and dynamic way to manage time-bound permissions directly within SpiceDB.

DeepSeek has emerged as a phenomenon since its announcement in late December 2024 and security has been at the forefront of recent conversation. At AuthZed, we recognize that trust and security fundamentally shape how organizations evaluate AI models, which is why we're sharing our perspective on this crucial discussion.