CodeShield - Simplify AWS IAM Security

What People Say

Testimonials

CodeShield provides the best platform to detect the huge risk of privilege escalations by wrongly set IAM permissions. We didn’t know about some of our exposures before we started using it.

Jannik Weichert

Co-Founder & CTO, Edyoucated

Cloud Change Simulation

Simulate the IAM permission changes on your Cloud

Cloud IAM is complex. Service control policies, permission boundaries, resource- and identity-based policies define an invisible access network in your cloud. Analysing only the infrastructure-as-code is insufficient as it represents only a small fraction of the network - the actual referenced cloud resources are missing.
CodeShield analyses cloud and code changes to show the effective IAM permissions pre-deployment in your development workflow. It simulates the impact of your infrastructure-as-code changes to all your cloud resources - to your Lambdas, S3 buckets or DynamoDBs.

Try it out

Speed up Cloud Development

Detect Breaking Changes Pre-Deployment

Choose the right-sized permission sets and avoid over- and under-permissioning of your IAM permissions. Avoid breaking changes as of missing access rights in your cloud.
CodeShield lists all effectively granted access to your cloud resources.

Increase Security Posture

Detect Over-Permissioned IAM roles

Loosely defined IAM policies are a severe security risk and easily allow intruders to compromise data, increase your cloud bill or takeover your entire AWS infrastructure.
CodeShield evaluates all your cloud permissions and showcases IAM privilege escalation scenarios to your environment. For every attack scenario, CodeShield depicts which concrete cloud resources are at risk, this allows one to quickly identify which escalation to prioritize.