CodeShield - Simplify AWS IAM Security

Cloud-Developers worldwide trust CodeShield

What People Say

Testimonials

CodeShield provides the best platform to detect the huge risk of privilege escalations by wrongly set IAM permissions. We didn’t know about some of our exposures before we started using it.

Jannik Weichert

Co-Founder & CTO, Edyoucated

I recently had the opportunity to use CodeShield in my AWS security assessments where it supported me as whitebox cloud pentest. One notable example involved the detection of a potential attack scenario, where an attacker could have exploited a vulnerable Lambda function to gain unintended access to the entire AWS account.

Victor Grenu

Founder & CEO, zoph.io

Cloud Change Simulation

Simulate the IAM permission changes on your Cloud

Cloud IAM is complex. Service control policies, permission boundaries, resource- and identity-based policies define an invisible access network in your cloud. Analysing only the infrastructure-as-code is insufficient as it represents only a small fraction of the network - the actual referenced cloud resources are missing.
CodeShield analyses cloud and code changes to show the effective IAM permissions pre-deployment in your development workflow. It simulates the impact of your infrastructure-as-code changes to all your cloud resources - to your Lambdas, S3 buckets or DynamoDBs.

Try it out

Speed up Cloud Development

Detect Breaking Changes Pre-Deployment

Choose the right-sized permission sets and avoid over- and under-permissioning of your IAM permissions. Avoid breaking changes as of missing access rights in your cloud.
CodeShield lists all effectively granted access to your cloud resources.

Increase Security Posture

Detect Over-Permissioned IAM roles

Loosely defined IAM policies are a severe security risk and easily allow intruders to compromise data, increase your cloud bill or takeover your entire AWS infrastructure.
CodeShield evaluates all your cloud permissions and showcases IAM privilege escalation scenarios to your environment. For every attack scenario, CodeShield depicts which concrete cloud resources are at risk, this allows one to quickly identify which escalation to prioritize.