Big ACL was founded with a simple conviction: authorization should be easy to understand, easy to manage, and easy to scale.

As developers, security engineers, and architects, we’ve seen firsthand how fragmented and complex access control can become—buried in code, spread across services, and understood by too few people. We created Big ACL to solve that.

Our mission is to provide a shared, human-readable policy layer that bridges business intent and technical enforcement—making authorization collaborative, versionable, and platform-agnostic.

Big ACL is a policy modeling platform that lets you:
- Write access rules in natural language
- Collaborate across teams (security, dev, product)
- Translate policies automatically into Rego, Cedar, Java, Go, and more
- Deploy consistently to Open Policy Agent, cloud platforms, and CI/CD pipelines
We help teams model their access logic in one place—so they can enforce it everywhere.

Collaboration-first – Authorization is not just a security concern. It’s a product, dev, and business concern too.

Open standards – We embrace the ecosystem: OPA, Cedar, policy-as-code, cloud-native, and beyond.