Neon Authorize Moves Access Controls to the Database Layer

Neon Authorize Moves Access Controls to the Database Layer

You may have seen that Neon recently received a $25 million injection of cash from M12, Microsoft's venture fund. You may have also seen the explosive growth of Postgres over the last few years, which has become the database-of-choice for engineers building cloud applications. This ambitious company is striving to make their serverless Postgres platform the easiest and most efficient way to spin us Postgres databases.

The question becomes, what will they do with this new money? Having raised a large Series B last year, it's quite obvious that Neon didn't need it. Andrew Smyth, a Managing Partner at M12, was quoted as saying, "This strategic investment emphasizes our commitment to deeply integrate Neon into Azure." Neon CEO Nikita Shamgunov followed up by saying, "This new investment ensures Neon is well-positioned to build and ship features that will transform the developer experience within Microsoft Azure."

With Microsoft Ignite around the corner, we can expect some deeper ties between Neon and the Azure ecosystem in the near future. But these are somewhat expected movements. Microsoft Azure is in a constant battle with Amazon Web Services (AWS) for the hearts and minds of developers, so it's no mystery why they made this investment and are interested in Neon's technology.

It's perhaps more interesting to take a look at what else Neon is up to from a product development perspective. Today, the company has launched what they are calling Neon Authorize, which gives engineers granular access controls at the database layer.

Row-Level Security

This new offering from Neon leverages Postgres RLS (Row-Level Security)—a Postgres primitive that protects data from malicious actors even when accessed through third-party tooling—and, according to the company, makes it much simpler to use via new deployment models for application developers.

Bryan Clark, the VP of Product at Neon, says it "makes perfect sense" to set up authorization policies at the database layer. Developers can integrate their existing authentication provider directly with Neon. After doing so, calls to the database can be authenticated with a JSON Web Token (JWT) generated by the authentication provider. This means developers can build applications that are entirely client-side without needing a server or backend.

I have to imagine managing access controls at the database layer comes with its own complications and risks. That said, it's exactly the kind of innovation you want to see from a young company with fresh cash and an ambitious mindset. Keep an eye out for Neon—we expect big things from them in the future.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics