Secure AWS IAM without overloading experts
Deliver apps securely with usable automation and insightful audits. Today.
Understand the access apps & people have and what could be stolen or destroyed
Deploy secure IAM policies with your infrastructure code pipelines
Improve access granted by AWS IAM without overloading experts
Summarizing access so customers can focus on improvement
IAM users & roles
Buckets & Keys
AWS Security is Too Difficult
Changing Application Architectures
Cloud applications are deployed differently
+3x more identities
Increasing Rate Of Change
Applications and their infrastructure are changing faster than ever
+3x more changes to review
Custom security policy creation & manual audit doesn’t scale.
Deliver security, simply
Analyze identities actual and desired access in terms everyone can understand, k9 Access Capabilities (details).
- Reduce confusion within customer teams when discussing security controls and audit results
- Declare desired access in the same terms access is audited
- Accelerate path to secure deployments
Improve security policies easily and scalably with infrastructure automation libraries and expert support.
- Code the access you intend and generate robust security policies with Terraform & CDK
- Improve security policies continuously with simple, periodic reviews of actual access and policy automation updates
- Access AWS security policy engineering experts on-demand or extend your team
Audit and report the effective access of each IAM principal whenever you want.
- Comprehensive access report everyone understands, delivered daily
- Reports formatted in JSON, CSV, and Excel formats integrate with existing tools and analysis processes
- Customer data encrypted with customer encryption key
USABLE AWS SECURITY
- Review access reports using the k9 Security Katas and identify issues
- Remediate access issues by cleaning up principals and using the k9 secure policy generators
Customers often find in production accounts:
Unexpected IAM admins
Unused IAM Principals
Access gaps to critical data and keys
Simple Daily Reporting
k9 assesses access granted by your AWS security policies nightly, and publishes a report to your own secure inbox in S3.
Pivot, filter, slice, and dice with tools and data you already use.
Use the Excel format (sample) for quick, interactive analysis. Load the CSV or JSON format into your SIEM for monitoring.
Certified 3rd party access audit? ✓ Done.
Audit IAM administrators: ✓ Done.
Audit IAM for unused principals: ✓ Done.
Audit access to critical data sources & keys: ✓ Done.
Supported Services: IAM, STS, KMS, S3, RDS, DynamoDB, Redshift, and more (1375 AWS API Actions)
k9 tells you exactly what AWS permissions allow today and every day.
k9 dynamically determines who has access using AWS IAM APIs. k9 summarizes that into actionable reports (details). Analysis includes Service Control, IAM, and Resource policies.
This is not a static analysis of IAM policy or summary of yesterday's CloudTrail events.
Robust Policy Automation
Improve your security policies by using k9's infrastructure automation libraries to specify your intended access clearly and let k9 take care of generating a least privilege security policy. See k9 Security's Terraform libraries on GitHub.
Least privilege access policy? ✓ Done.
Code review? ✓ Done.
Our simple setup process will have you up and improving quickly (hours, not weeks).
Configure k9 access to your AWS accounts in less than 30 minutes with our simple automation.
Daily assessments of your accounts are delivered to your secure inbox (S3 bucket).
Use k9 access reports, automation libraries, and pro support to improve security.