Go Fast, Safely

Protect data in AWS, quickly and confidently.  Cloud teams improve security policies and accelerate delivery processes with our usable automation and audit tools.

Good AWS Security is Too Difficult

The biggest challenges for managing AWS IAM effectively are:

Complex AWS Security Model

Nobody understands how all the security policies fit together.

AWS policy evaluation is very complex.  Five kinds of policy, +3500 API actions, and frequent changes with new services and actions launching daily.

Changing Application Architectures

Cloud applications are deployed differently.

Applications restructure when they move to the Cloud.  Each application component gets an identity. Access controls migrate from the network layer to the application identity.

Increasing Rate Of Change

Applications and their infrastructure are changing faster than ever. Continuous Delivery and Infrastructure as Code can deliver multiple security changes per week, day, or hour.

Security policies are hard to get right and difficult to validate (details). Traditional policy engineering and review processes overload Cloud security experts and delays projects.  Nevermind there are 10x more IAM principals and changes than the traditional datacenter.

Custom security policy creation doesn’t scale. 

Deliver security, simply


Use a simple language so everyone understands what each principal should and actually can do with data and APIs in AWS

The k9 Access Capability and Tagging models provide a cohesive foundation that spans your delivery process and:

  • Reduces confusion within customer teams when discussing security controls and audit results
  • Accelerates and derisks path to secure deployments


Improve security policies easily and scalably with infrastructure automation libraries and expert support.

  • Code the access you intend and generate robust security policies within Terraform delivery pipelines
  • Improve security policies continuously with simple, periodic reviews of actual access and policy automation updates
  • Access AWS security policy engineering experts on-demand or extend your team




Audit and report the effective access of each IAM principal whenever you want.

  • Comprehensive and correct access report that is simple for everyone to understand, delivered daily
  • Reports produced in JSON and Excel formats integrate with existing tools and analysis processes
  • Customer data encrypted with customer encryption key

Usable AWS Security

Robust Policy Automation

Improve your security policies by using k9's infrastructure automation libraries to specify your intended access clearly and let k9 take care of generating a least privilege security policy.  See k9 Security's Terraform libraries on GitHub.

Least privilege access policy? ✓ Done.

Code review? ✓ Done.

Simple Daily Reporting

k9 assesses your entire AWS IAM ecosystem nightly, and publishes a report to your own secure inbox in S3. 

Pivot, filter, slice, and dice with tools and data you already use.

Load the JSON format into your SIEM for monitoring. Use the Excel format (sample) for quick, interactive analysis.

Certified 3rd party access audit? ✓ Done.

Need to know when a principal was last used? ✓ Done.

Who has access to what data?

Get Started

Our simple setup process will have you up and improving quickly (days, not weeks).


configure access

Configure k9 access to your AWS accounts quickly with our simple process.


Daily assessments of your accounts are delivered to your secure inbox (S3 bucket).

Improve Policies

Use k9 access reports,  automation libraries, and pro support to improve security.

Ready To Get Started?