Tech and Non Tech Teams
One platform for the whole organisation
All teams in an organisation have to manage and share credentials. Founders, marketing, sales support, engineering, management all have to access some set of accounts. Our safes make it easy to manage different accounts and share only to teams and their members that require access.
Teams can move faster and onboard new team members without having to go through a hunt for credentials. Everyone can focus on their goals rather than juggle credentials and worry about security.
Developers and Devops
Painless Credential Management
Access IT resources like servers, databases and api endpoints from your software and terminal securely and without having to worry about how to distribute, update and save your credentials.
Credentials in your terminal
Easy to use command line tool
With our pk command line tool you have your credentials, logins, secrets accessible from any terminal. Our secure environment injection makes the credentials you choose, available to your shell session or any software you choose to run
# download some secrets
pk -s tool get secret -n etl-db -n etl-pass
# filter with jq
pk -s tool get secret -n etl-db --jq "..val"
# access your db
pk -s data db -n analytics
# access your ssh key
pk -s prod ssh-add -n ec2-default
Our Swagger Rest API allows you to generate your own APIs for your favourite language and integrate your own tools.
Secure Team Sharing
Share and distribute credentials between teams securly. Manage access to each resource with our fine grained Safe sharing access. This makes on boarding and off boarding users quick and painless.
Save costs while being more secure with our SaaS solution
Opensource is fine but you still have to pay hosting and engineering time to manage it
To host your own solution can cost more than using a pre-built and managed SaaS solution.
A typical production DIY solution would need:
The cost of which on AWS exceeds $500 p/m.
Our SaaS offering at $100 p/m save your organisation five times the cost of a typical DIY hosting,
not to count
the engineering time that you get back from having to manage your own solution:
- a single ec2 t2.xlarge
- a master slave RDS 2 x db.t2.large instances
- making updates for security
- backing up databases
- maintaining an always online system
Your organisation can move faster and concentrate on your the business goals.
Frequently Asked Questions
We provide a free plan. Click here to signup and in plans, select the "Free" plan.
With pkhub you can access your app secrets from any cloud, GCE, AWS, Digital Ocean...
Works with and for the developer
Our pk cli tool is easy to use and fits right into the developer's workflow. This allows your devs to run their applications with the pk cli and they have the credentials they require automatically injected.
We only use Http2 and our encryption is true end to end, i.e we do not even terminate at the load balancer. End to end encryption ensures you that your data cannot be decrypted between you and our API application instances.
cipher = encrypt(unique secure random IV, message)
We do not store any information about your master password that would enable us to reset it. In the case of AWS for example, you can reset your password, which would mean that a would be attacker could use that same mechanism to get hold of a user's account and to their app secrets. To avoid this scenario and provide a more secure service we cannot store anything that would reset your password.
Add your database type, host, port and access credentials to the "DB" section in your "pkhub" safe. The use the
pk dbcommand to open a cli.
You can even use your favourite db cli e.g:
pk db -s pkhub.io -n pk -i -p -x pgcli
See our use case tutorial for Manage Remote SSH/Rsync/Scp Keys
Our software is available for on-premise installation and management, and newer versions are made available as docker images so that you can easily pull in upgrades as needed. To get started contact us.
If you would like a more traditional, contract monthly invoice setup, we can do that for you. To get started contact us.