The IAM Policy Copilot
Save time and reduce your attack surface by automating the creation of IAM policies for AWS services, workloads and machine identities.
Get notified when Slauth.io is available on GCP or Azure
HOW IT WORKS
Value within minutes
Choose between our SaaS or self-hosted companion to bolster your IAM practices

Connect your GitHub repositories and AWS environment to initiate a scan

Get least-privilege policies based on your code

Review remediation recommendations and apply to your AWS environment
Experts Know Best
SLAUTH TO INCREASE VELOCITY
Automate IAM policy creation
Get relevant IAM recommendations as you code and where you code.
Policy generation in real-time
Shift-left your IAM efforts by creating IAM policies for services, workloads and machine identities as they become ready to be deployed.
Right-sized permissions based on your code
No more wildcards or guesswork! Deploy only the IAM permissions that match the outcomes of your code analysis.
Recommendations directly in your IaC
Forget about the AWS console and Access Analyzer. With Slauth.io, IAM recommendations are available where you code, merge and deploy.
SLAUTH TO IMPROVE INSIGHTS
Remove IAM blind spots
Unlock IAM analytics to discover how AWS services are being utilized in your environments for maximum efficiency in development and maintenance.
Improved logs for a complete view of your IAM security posture
Get rich logs with additional context on machine-identities activity during the different SDLC stages.
Versioning for better control and early remediation actions
Detect and document IAM changes to spot anomalies early or conduct root cause analysis.
Auditing and reporting features to augment your SIEM
Store and validate your IAM events for compliance with regulations such as SOC, PCI, and HIPAA.
Ready to Get Started?
Free 30-day Trial
Perfect plan to get started
A free plan grants you access to some cool features of Slauth.
200 IAM policies auto-generation
GitHub integration
Multiple AWS accounts
Slack support
Slauth.io Event Activity Dashboard
SaaS or self-hosted
When you onboard with Slauth.io, we collect Personally Identifiable Information (PII) to create your profile.
When connecting your GitHub account, Slauth.io accesses the source code based on the repositories you select. For AWS connections, we collect metadata related to your policies and resources. This data is then processed by OpenAI using Slauth.io's premium API configuration.
In our self-hosting model, the Slauth.io application can be deployed on your server and you will be able to choose to connect your own OpenAI API keys or use Llama2.
Data is stored as follows:
For SaaS Users
Your data is securely stored on Slauth.io servers hosted on AWS US-East.
For LLM analysis, data is shared with OpenAI.
For On-Prem Users
You have the choice of where your data is stored.
For LLM analysis, data can be shared with OpenAI.
To fully utilize Slauth.io's capabilities, you'll need:
- An AWS account
- An app deployed on AWS using the AWS SDK
- GitHub as your code repository
- No monorepo setups (currently being worked on)
- Languages: All languages are technically supported, but TypeScript has shown the most success in our experience to date
Slauth.io requires read-only access to your GitHub repositories to scan your codebase. This data is then processed by the LLM to generate secure IAM policies. Post-Beta, read and write access for pull request generation will be introduced.
Slauth.io creates a cross-account role with read-only permissions to scan your AWS environment as a security audit role. This data, along with the code repository data, is processed by the LLM to compare IAM policies and suggest remediations if a more secure policy is relevant.
Slauth.io focuses on mitigating identity and access-related vulnerabilities by generating least-privilege IAM policies. This helps prevent unauthorized access, privilege escalation, and other security risks associated with overly permissive policies.
Yes, the IAM policies generated by Slauth.io are presented in JSON format, allowing you to review and customize them before implementation.
Currently, Slauth.io is focused on AWS environments. However, we have plans to extend our support to multi-cloud and hybrid cloud environments in the future.
Would you like to be notified when Slauth.io is available on GCP or Azure? Simply let us know!
SIGN-UP TODAY!
Centralize your policies to automate, secure and govern your IAM
Join our closed beta to accelerate your time-to-market and streamline security processes.