Should developers have production access?
A deep dive on the reasons why software engineers need to have production access to do their work especially in a devops environment and how to manage it securely.
Co-Founder
Streamline Database Access with Kviklet: Compliant and Open-Source
Empower Your Engineering Team: Secure Production Data Access, State of the art DevOps, Strict Auditing
Schedule a demo with us.
Streamline and secure data access
Kviklet is the Single Access Pane for Databases
Built for developer experience first. But also built to support ISO27001 and GDPR compliant access processes, based on our experience in leading fintech.
- Database agnostic
- Integrates with MySQL, MariaDB, Postgres, MongoDB and MSSQL. If you use another database, please create a github issue!
- Single query approval
- Review and approve access on query level. Queries can be written using a browser based SQL editor.
- Just-in-time access approval
- Provide access for limited time and auto-revoke access.
- Open-source
- Kviklet is fully open-source under MIT license and free to use.
- Single-Sign-On
- Integrates with OIDC so you don't have to manage separate passwords for production access.
- Compliant audit logs
- Enables extended and identity aware audit logs for database access.
- Self-hosted with Docker
- Kviklet is deployed via Docker container to ensure your data never leaves your network.
- Query explain
- Run Explain statement to test SQL query before execution.
Click to zoom
Connection overview, request temporary access or execute a single query.
Click to zoom
Overview of all open requests.
Click to zoom
Approve or reject a request before executing.
Click to zoom
When enabled Temporary access requests can execute arbitrary SQL.
Click to zoom
Run Explain statement to test SQL query before execution.
Click to zoom
Compliant audit logs for all databases in one place.
Permissions are adaptable to your org and security needs
An Example configuration could look like this:
| Database Connection | Role | Access Level | Temporary | Reviews | Rational |
|---|---|---|---|---|---|
| Database A * public data | Anyone | read | Yes | - | Self-serve read access for everyone |
| Engineers Operations | read/write | Yes | 1x Engineer | Engineers/ Ops can write data with approval by an engineer | |
| Database B * no PII | Team-beta | read/write | Yes | 1x Team-beta | Team-beta can write data with peer review |
| Database C * with PII * credit card restricted | Team-gamma | read | Yes | 1x Eng-Manager | Team-gamma can read sensitive data with manager oversight |
| Team-gamma | read/write | Yes | 1x Team-gamma | Team-gamma can write data with peer review | |
| Database C * with credit card column | Engineers | read/write | No | 1x Eng-Manager 1x Compliance | Critical data access requires manager and compliance approval |
Pricing
Selfhosted but powerful
Choose the version that fits your needs. All versions are selfhosted. Kviklet does not exist as a Cloud product by design.
Open Source
The Kviklet open source edition. Free to use as is.
€0
View on Github- SSO via OIDC or LDAP
- Review and Approval flow
- Basic Auditlog
- Self-hosted
Enterprise
Helps support the development of Kviklet. Get priority support and more.
€3/user/month
- 24/7 Support (24 hour response time)
- Advanced Auditlog + Exports
- Select query history
- SAML SSO
- RBAC synced with SSO provider
- Self-hosted
Consulting
Have a special use case? Need assistance with your setup? Happy to help.
Let's talk
- Custom integrations
- Custom features
- Setup and configuration
Our Blog
How we think about security, engineering culture and open source.
Safely Accessing Production Databases: A Guide for DevOps Teams
A guide to setup production ready processes to access databases for a DevOps team. We cover the best practices and tools to use to ensure being secure and compliant.
Co-Founder
Is Database Access Broken by Design?
Through our research, we’ve identified a spectrum of approaches to managing production database access, ranging from early stage approaches to those adopted by mature organizations
Co-Founder
